Alibabacloud Oss Manage Cron Upload
Security checks across malware telemetry and agentic risk
Overview
The skill’s OSS backup purpose is clear, but it appears to generate a scheduled shell script with user-provided paths inserted directly, which could lead to unintended command execution if inputs are not escaped perfectly.
Review the generated cron or Task Scheduler script before installing it, especially any local path values. Use a dedicated least-privilege Alibaba Cloud RAM identity, confirm the exact local folder and OSS prefix, and only enable deletion or bucket creation if you explicitly need those actions.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malformed or malicious local path could potentially alter the generated script and run unintended commands, possibly repeatedly through cron or Task Scheduler.
The static scan reports a user-controlled placeholder inserted directly into generated source code. Because this value is used in shell/script context for a scheduled job, incomplete escaping could allow unintended command execution.
LOCAL_SOURCE_PATH="${LocalSourcePath}" # MUST be an absolute path, never use ~
Do not use this skill with untrusted path values. The publisher should generate scripts using safe argument arrays or strict shell escaping, reject quotes/newlines/control characters/operators, and show the final script for user approval before installing it.
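The following is an added example, not code from the skill or its publisher, showing the hardened generation the finding asks for: the path placeholder is validated (absolute, no quotes, control characters or shell operators, no ".." components) and then shell-escaped with shlex.quote before it is written into the scheduled script, so it can never terminate the assignment or start a new command. The aliyun oss cp invocation and the log path default are assumptions about what the generated script contains; the bucket and path values are constructed.

```python
import re
import shlex
from pathlib import PurePosixPath

# Added example (not the skill's own code): hardened generator for the scheduled
# backup script. The `aliyun oss cp` line is an assumption about the integrated
# ossutil command the skill emits; adapt it to the real command.

# Characters the report says to reject: quotes, newlines/control characters and
# shell operators. shlex.quote() below is the second line of defence, so this
# list is deliberately conservative rather than exhaustive.
_FORBIDDEN = re.compile(r"[\x00-\x1f\x7f'\"`$;&|<>(){}\\]")


class UnsafePathError(ValueError):
    """Raised when a user-supplied path is not safe to embed in a script."""


def validate_absolute_path(value: str, name: str = "LocalSourcePath") -> str:
    """Accept only an absolute POSIX path free of shell metacharacters and '..'."""
    if not value.startswith("/"):
        raise UnsafePathError(f"{name} must be an absolute path; '~' and relative paths are rejected")
    if _FORBIDDEN.search(value):
        raise UnsafePathError(f"{name} contains quotes, control characters or shell operators")
    if ".." in PurePosixPath(value).parts:
        raise UnsafePathError(f"{name} must not contain '..' components")
    return value


def is_safe_path(value: str) -> bool:
    """Boolean wrapper around validate_absolute_path() for pre-checks in a UI."""
    try:
        validate_absolute_path(value)
        return True
    except UnsafePathError:
        return False


def generate_backup_script(local_source_path: str, bucket: str, oss_prefix: str,
                           log_path: str = "/var/log/oss-backup.log") -> str:
    """Return the shell script text with every user-controlled value validated and quoted."""
    src = validate_absolute_path(local_source_path)
    log = validate_absolute_path(log_path, "LogPath")
    # OSS bucket names: 3-63 chars of lowercase letters, digits and hyphens,
    # no leading or trailing hyphen.
    if not re.fullmatch(r"[a-z0-9][a-z0-9-]{1,61}[a-z0-9]", bucket):
        raise ValueError("bucket name must be 3-63 lowercase letters, digits or hyphens")
    # Keep the prefix to a plain object-key character set, with no '..' segments.
    if not re.fullmatch(r"[A-Za-z0-9_./-]*", oss_prefix) or ".." in oss_prefix.split("/"):
        raise ValueError("OSS prefix may only contain letters, digits, '_', '.', '/' and '-'")
    target = f"oss://{bucket}/{oss_prefix.strip('/')}".rstrip("/") + "/"

    lines = [
        "#!/bin/sh",
        "set -eu",
        # shlex.quote() emits a single-quoted literal whenever the value holds
        # anything outside a safe character set, so the assignment stays intact.
        f"LOCAL_SOURCE_PATH={shlex.quote(src)}  # MUST be an absolute path, never use ~",
        f"OSS_TARGET={shlex.quote(target)}",
        f"LOG_PATH={shlex.quote(log)}",
        '[ -d "$LOCAL_SOURCE_PATH" ] || { echo "source folder missing" >> "$LOG_PATH"; exit 1; }',
        # Assumed upload command (ossutil integrated in the aliyun CLI); variables
        # are double-quoted so paths with spaces survive word splitting.
        'aliyun oss cp -r -u "$LOCAL_SOURCE_PATH" "$OSS_TARGET" >> "$LOG_PATH" 2>&1',
    ]
    return "\n".join(lines) + "\n"


def cron_line(schedule: str, script_path: str) -> str:
    """Build the crontab entry; the schedule is restricted to five standard cron fields."""
    if not re.fullmatch(r"[0-9*/,\-]+( [0-9*/,\-]+){4}", schedule):
        raise ValueError("schedule must be five standard cron fields")
    return f"{schedule} {shlex.quote(validate_absolute_path(script_path, 'ScriptPath'))}"


if __name__ == "__main__":
    # Print the script so the user can review it before it is installed.
    print(generate_backup_script("/home/ops/my photos", "my-backup-bucket", "photos/2024"))
    print(cron_line("0 2 * * *", "/usr/local/bin/oss-backup.sh"))
```

Showing the returned script text to the user before writing the crontab or Task Scheduler entry is the approval step the finding recommends; the generator never interpolates a value it has not validated.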
The upload job may keep running after the chat ends and continue sending files from the selected local folder to OSS.
The skill intentionally creates or guides creation of a recurring local scheduler job. This persistence is disclosed and central to the backup/sync purpose.
Architecture: `Local folder + aliyun CLI (integrated ossutil) + cron/Task Scheduler + OSS Bucket`
Confirm the schedule, local folder, log path, and uninstall/disable steps before enabling the job. Periodically review cron or Task Scheduler entries.
The active Alibaba Cloud profile can change OSS contents within the configured bucket and prefix.
The skill operates through the user's Alibaba Cloud identity and needs OSS permissions to upload, inspect, optionally create buckets, and optionally delete test objects. The policy guidance is mostly least-privilege and disclosed.
`oss:PutObject`, `oss:GetObject`, `oss:ListObjects`; optional `oss:DeleteObject`; conditional `oss:PutBucket`
Use a dedicated RAM user or role limited to the exact bucket/prefix, avoid root credentials, and grant DeleteObject or PutBucket only when truly needed.
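As an added example (not the skill's policy guidance, which this page does not reproduce), the snippet below builds a RAM policy document that grants only the actions listed above, scoped to a single bucket and prefix, with DeleteObject and PutBucket included only when explicitly requested, and audits an arbitrary policy for the over-broad grants a backup job should not carry. The bucket and prefix values are placeholders; the acs:oss:*:*:<bucket>/<key> resource form and the oss:Prefix condition key follow the documented RAM policy syntax.

```python
import json

# Added example (not from the skill): least-privilege RAM policy builder and
# auditor for the backup job. Bucket and prefix are placeholders.


def build_backup_policy(bucket: str, prefix: str,
                        allow_delete: bool = False, allow_create_bucket: bool = False) -> dict:
    """Return a RAM policy limited to one bucket/prefix with optional delete and create rights."""
    prefix = prefix.strip("/")
    bucket_arn = f"acs:oss:*:*:{bucket}"
    object_arn = f"{bucket_arn}/{prefix}/*" if prefix else f"{bucket_arn}/*"

    object_actions = ["oss:PutObject", "oss:GetObject"]
    if allow_delete:  # only for the optional "delete test object" step
        object_actions.append("oss:DeleteObject")

    # ListObjects is a bucket-level action; confine it to the prefix with a condition.
    list_stmt = {"Effect": "Allow", "Action": ["oss:ListObjects"], "Resource": [bucket_arn]}
    if prefix:
        list_stmt["Condition"] = {"StringLike": {"oss:Prefix": [f"{prefix}/*"]}}

    statements = [
        {"Effect": "Allow", "Action": object_actions, "Resource": [object_arn]},
        list_stmt,
    ]
    if allow_create_bucket:  # conditional: only if the bucket does not exist yet
        statements.append({"Effect": "Allow", "Action": ["oss:PutBucket"], "Resource": [bucket_arn]})
    return {"Version": "1", "Statement": statements}


def policy_json(policy: dict) -> str:
    """Serialise the policy for pasting into the RAM console or CLI."""
    return json.dumps(policy, indent=2)


def _as_list(value):
    return value if isinstance(value, list) else [value]


def granted_actions(policy: dict) -> set:
    """Collect every action allowed anywhere in the policy."""
    acts = set()
    for stmt in policy["Statement"]:
        if stmt.get("Effect") == "Allow":
            acts.update(_as_list(stmt["Action"]))
    return acts


def audit_policy(policy: dict) -> list:
    """Return findings for grants wider than an upload job needs."""
    findings = []
    for i, stmt in enumerate(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt["Action"])
        resources = _as_list(stmt["Resource"])
        if any(a in ("*", "oss:*") for a in actions):
            findings.append(f"statement {i}: wildcard action grants every OSS operation")
        if any(r in ("*", "acs:oss:*:*:*") for r in resources):
            findings.append(f"statement {i}: wildcard resource is not limited to one bucket/prefix")
        if "oss:DeleteObject" in actions:
            findings.append(f"statement {i}: DeleteObject granted; keep only if the delete-test step is needed")
        if "oss:PutBucket" in actions:
            findings.append(f"statement {i}: PutBucket granted; remove once the bucket exists")
    return findings


if __name__ == "__main__":
    minimal = build_backup_policy("my-backup-bucket", "photos/2024")
    print(policy_json(minimal))
    print(audit_policy(minimal))  # no findings for the default upload-only policy
```

Attach the generated document to a dedicated RAM user or role rather than to the account's root credentials; re-run audit_policy() on whatever policy is actually attached, since a console-edited policy can drift toward oss:* or a wildcard resource.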
Users rely on the remote download source and current latest binary when installing the required CLI.
The installation guide uses latest-version remote binary downloads and privileged placement into PATH. This is a normal CLI setup pattern, but the artifact does not provide pinning or checksum verification.
wget https://aliyuncli.alicdn.com/aliyun-cli-linux-latest-amd64.tgz ... sudo mv aliyun /usr/local/bin/
Install Aliyun CLI from trusted official channels, verify checksums/signatures where available, and prefer managed package sources when possible.
