ClawHub

Alibabacloud Find Skills

Security checks across malware telemetry and agentic risk

Overview

This skill mostly performs Alibaba Cloud skill discovery, but it also guides global, non-interactive installation of other skills while partly describing itself as read-only.

Install only if you want this skill to help discover and install Alibaba Cloud skills. Treat any suggested install command, especially one using `-g -y`, as a persistent change to your agent environment; review the selected downstream skill first, prefer explicit confirmation and non-global installation where possible, and know how to remove it before proceeding.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

High
Confidence
96% confidence
Finding
The file repeatedly frames the skill as read-only discovery with no resource creation, yet it also directs the agent to install third-party skills via `npx skills add` or `npx clawhub install`. That mismatch can mislead operators and downstream policy engines into allowing a capability-changing action they would otherwise review, creating a trust-boundary violation and enabling unreviewed code or configuration changes in the agent environment.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The manifest positions this as a search/browse skill, but the workflow expands into installation and execution of other skills. This capability drift is dangerous because agents or reviewers may invoke or approve it under a lower-risk discovery label, while it can actually modify the environment and chain into additional instructions from installed content.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger set includes very broad phrases such as `阿里云`, `帮我找一个 skill`, and related generic wording, which raises the chance of accidental activation on unrelated Alibaba Cloud conversations. Because this skill can lead users into installation flows, over-triggering increases the risk of unintended tool use and unnecessary exposure to downstream untrusted skill content.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The document includes a global installation command (`npx skills add ... -g -y`) that can modify the user's environment, but it does not explicitly warn that this performs a system-wide change or require an additional confirmation step. In a discovery-oriented skill, presenting an install command so directly increases the chance that a user or downstream agent executes it without understanding the persistence and scope of the modification.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal