ClawHub

Alibabacloud Opensearch App Manage

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Alibaba Cloud OpenSearch management skill, but users should review setup and create commands because they can install/update CLI tooling and create billable cloud resources.

Install only if you want an agent to manage Alibaba Cloud OpenSearch. Use a dedicated least-privilege RAM user or temporary role, verify the active Aliyun profile before running commands, prefer dryRun first, and explicitly approve any create operation because it can create persistent billable resources. Avoid running the curl-to-bash installer directly; use an official package manager or a downloaded installer you can verify, and clean up test instances promptly in the OpenSearch console.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation describes a paid write operation that creates cloud resources but does not prominently warn about billing impact, side effects, or the need for explicit user confirmation before execution. In an agent skill context, this increases the risk that an automated workflow could create billable infrastructure unintentionally based only on a natural-language prompt.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The document provides real instance-creation and verification steps without an upfront warning that these commands provision actual Alibaba Cloud resources and may incur charges. In an agent-skill context, users may copy or automate these steps assuming they are harmless verification, which can lead to unintended spend and persistent resource creation.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The full workflow script creates a real OpenSearch instance, waits, and verifies it, but only mentions manual cleanup at the end and does not warn beforehand about persistence or billing impact. This is risky because a user or agent may execute the script as a routine test, leaving paid resources running indefinitely.

External Script Fetching

High
Category
Supply Chain
Content
> **Pre-check: Aliyun CLI >= 3.3.3 required**
> Run `aliyun version` to verify >= 3.3.3. If not installed or version too low,
> run `curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash` to update,
> or see [references/cli-installation-guide.md](references/cli-installation-guide.md) for installation instructions.

**Pre-check: Aliyun CLI plugin update required**
Confidence
99% confidence
Finding
curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash

External Script Fetching

High
Category
Supply Chain
Content
```bash
# Install/Upgrade Aliyun CLI
curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash
aliyun version  # Ensure >= 3.3.3

# Enable auto plugin installation
Confidence
99% confidence
Finding
curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash

Chaining Abuse

High
Category
Tool Misuse
Content
```bash
# Install/Upgrade Aliyun CLI
curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash
aliyun version  # Ensure >= 3.3.3

# Enable auto plugin installation
Confidence
98% confidence
Finding
| bash

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal