Alibabacloud Elasticsearch Network Manage

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Alibaba Cloud administration aid, but it asks for broad authority to change network and security settings without enough guardrails for the riskiest operations.

Install only if you intentionally want an agent to help administer Alibaba Cloud Elasticsearch network/security settings. Use a dedicated RAM role or user scoped to the exact instance and needed actions, review every command body before execution, avoid passing real AccessKeys in chat or shell history, prefer temporary credentials where possible, and require explicit human approval before opening public access, replacing whitelists, disabling HTTPS, disabling SSO, or changing persistent Aliyun CLI/plugin settings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Vague Triggers

Medium (95% confidence)
Finding
The trigger list contains broad terms like "https", "white ip", and "ES network" that are likely to match ordinary user requests and invoke this skill outside a clearly intended admin context. Because this skill performs security-sensitive network and access-control changes, overbroad activation increases the chance of unintended execution paths and unsafe recommendations.

Missing User Warnings

Medium (92% confidence)
Finding
The skill documents destructive or high-risk actions such as opening public network access, disabling HTTPS, and overwriting white IP lists, but does not consistently require a user-facing risk warning or elevated confirmation before those changes. In this context, the absence of strong warnings is dangerous because a user could unintentionally reduce exposure controls or lock themselves out of the service.

Missing User Warnings

Medium (95% confidence)
Finding
The guide includes examples that configure long-lived AccessKey credentials directly on the command line and notes that configuration is stored in ~/.aliyun/config.json. In an agent/automation context, this can lead to credential exposure through shell history, process listings, CI logs, or insecure local storage if users copy the examples verbatim.

Missing User Warnings

Medium (88% confidence)
Finding
The documentation recommends using --log-level=debug without warning that debug output may include sensitive request metadata, credential provider details, or other authentication-related information. In troubleshooting, users often paste debug logs into tickets or chat, increasing the chance of accidental secret disclosure.

Missing User Warnings

Medium (93% confidence)
Finding
The document provides broad network-management permissions, including whitelist changes, network triggering, HTTPS toggling, and SSO updates, but does not warn that these actions can weaken security controls or disrupt connectivity. In a skill specifically meant to manage Elasticsearch network access, this omission increases the likelihood of unsafe operator use and over-privileged deployments.

Missing User Warnings

High (98% confidence)
Finding
Documenting the CloseHttps permission without any warning normalizes disabling HTTPS, which can expose Elasticsearch and Kibana traffic to interception or downgrade the instance's transport security posture. Because this skill is explicitly for network management, operators may treat the action as routine unless the documentation clearly states the security consequences.

Missing User Warnings

Medium (89% confidence)
Finding
The document includes a `CloseHttps` operation that disables HTTPS for an Elasticsearch instance but does not warn about the security consequences such as plaintext transport, credential exposure, and loss of transport confidentiality/integrity. In a network-management skill, documenting a security-weakening action without an explicit warning makes unsafe configuration changes more likely.

Missing User Warnings

Medium (95% confidence)
Finding
The document provides ready-to-run commands that change Elasticsearch network exposure, whitelist rules, Kibana private access, and HTTPS state, but it does not prominently warn that these are state-changing operations with service availability and access-control consequences. In an agent-skill context, examples are often copied directly, so treating verification as active reconfiguration materially increases the chance of unintended exposure, lockout, or weakened transport security.

VirusTotal

VirusTotal findings are pending for this skill version.
