Alibabacloud Dsc Audit

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed Alibaba Cloud DSC risk-event tool, but users should run it only with least-privilege cloud credentials and ignore the broader generic CLI examples.

Install only if you want an agent to inspect and manually handle Alibaba Cloud Data Security Center risk events. Use a dedicated RAM user or role with only yundun-sddp:DescribeRiskRules and, if needed, yundun-sddp:PreHandleAuditRisk; avoid putting access keys in chat, shell history, or logs; verify the active profile; and confirm the exact RiskId and handling note before allowing any handle operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Medium (92% confidence)
Finding
The guide expands beyond the DSC audit skill's stated purpose by encouraging installation of arbitrary Alibaba Cloud plugins and broad command exploration. In an agent skill context, this widens the operational scope and can enable unintended access to unrelated cloud services, increasing the chance of misuse or over-privileged execution.

Context-Inappropriate Capability

Medium (93% confidence)
Finding
The document uses ECS verification and troubleshooting commands even though the skill is for DSC risk-event handling. This can steer users or agents toward validating credentials against unrelated services, normalizing broader cloud access than necessary and undermining least-privilege boundaries.

Missing User Warnings

Medium (95% confidence)
Finding
The guide shows non-interactive commands that place access key material directly on the command line without clearly warning that secrets may be exposed via shell history, process inspection, CI logs, or terminal transcripts. In an agent-driven environment, these risks are amplified because commands may be logged automatically or surfaced to other tools.

Missing User Warnings

Medium (95% confidence)
Finding
The environment variable examples export cloud credentials but do not warn that environment variables can leak through CI job logs, inherited subprocess environments, shell debugging, crash dumps, or shared sessions. Because this skill may be used in automation, such omissions materially increase the likelihood of credential exposure.

Missing User Warnings

Medium (93% confidence)
Finding
The documentation exposes an API that can manually change the handling state of security risk events, including closing alerts, but provides no warning, confirmation guidance, or restriction language around this sensitive action. In a security operations context, an agent using this skill could suppress or prematurely close real incidents, causing missed detections and weakening incident response integrity.

VirusTotal

VirusTotal findings are pending for this skill version.