Alibabacloud Oss Manage Network Probe

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Alibaba Cloud OSS diagnostic skill that uses existing Aliyun CLI credentials and may create or delete test OSS objects, but its risky actions are mostly purpose-aligned and documented.

Install only if you want an agent to run Alibaba Cloud OSS diagnostics through your local `aliyun` CLI. Use a narrow RAM policy and a test bucket or disposable object path when uploads or cleanup are needed. Do not provide AK/SK values in chat, and confirm the exact `oss://bucket/object` before any upload or delete step.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium, 97% confidence

Finding
This guide substantially exceeds the stated OSS network-probe scope by teaching full Aliyun CLI installation, account credential setup, ECS API verification, and general plugin usage. In an agent-skill context, that scope creep is dangerous because it equips the skill to normalize broad cloud-administration workflows and credential handling that are unnecessary for running `ossutil probe`, increasing the chance of misuse, over-privileged operation, or accidental exposure of secrets.

Context-Inappropriate Capability

Medium, 95% confidence

Finding
The document explicitly enables broader cloud-management capability by showing non-OSS commands such as `aliyun ecs describe-regions` and encouraging installation of arbitrary product plugins like ECS, VPC, and RDS. For a skill whose purpose is OSS network probing, this expands available operational surface well beyond need and can facilitate unintended cloud enumeration or management actions if reused by an agent or operator.

Missing User Warnings

Medium, 93% confidence

Finding
The procedure includes an `aliyun ossutil rm` cleanup step that deletes an OSS object, but the document does not require an explicit confirmation immediately before deletion or strongly constrain when deletion is safe. In an agent-executed context, a loosely framed cleanup action can cause unintended data loss if the target object was not clearly identified as disposable or if placeholders are filled with a real production object.

VirusTotal

65/65 vendors flagged this skill as clean.
