Alibabacloud Ecs Disaster Recovery Image

Security checks across malware telemetry and agentic risk

Overview

This skill performs disclosed Alibaba Cloud disaster-recovery actions that can create billable resources, but the behavior is coherent with its purpose and gated by user choices.

Install only if you want an agent to operate your Alibaba Cloud ECS environment. Before approving a run, verify the account, region, source instance, target zone, resources to be created, and billing impact. Prefer least-privilege RAM roles or temporary credentials, and avoid pasting long-lived access keys into commands, even though the reference examples show that pattern.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 95%
Finding:
The guide instructs users to pass Access Key ID and Access Key Secret directly on the command line and shows those secrets stored in plaintext in the CLI config file. This is dangerous because secrets provided as CLI arguments may be exposed via shell history, process listings, logs, or copied examples, and storing long-lived credentials in a local plaintext config increases the blast radius if the host is compromised.

Missing User Warnings

Medium
Confidence: 91%
Finding:
The skill instructs the agent to create billable and environment-changing resources such as images, VSwitches, and new ECS instances, but the referenced command guidance does not include an explicit user-facing warning or confirmation requirement before those actions. In an agent setting, this can lead to unintended infrastructure changes, extra charges, and recovery resources being created without sufficiently informed consent, especially because the workflow is framed as backup/disaster recovery and may be triggered during urgent situations.

VirusTotal

63/63 vendors flagged this skill as clean.
