Alibabacloud Pts Reporter

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly a read-only Alibaba Cloud PTS report analyzer, but it includes live PTS data access and broad Alibaba Cloud CLI guidance that goes beyond the stated historical-report scope.

Install only if you are comfortable granting this skill read access to PTS scenes, reports, baselines, and possible live running data. Use a least-privilege RAM role limited to the listed PTS Get/List actions, avoid following the unrelated ECS/VPC/RDS/FC examples, and confirm the skill does not change profiles or install extra cloud plugins beyond what you need for PTS reporting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 90%
Finding
The skill is declared as a historical, read-only report analyzer, but it also permits fetching live running scene data. This expands the data-access scope beyond the stated contract, which can surprise callers, bypass least-privilege expectations, and expose current operational telemetry that users or orchestrators did not intend to share with this skill.

Intent-Code Divergence

Medium
Confidence: 84%
Finding
The workflow claims tightly bounded discovery behavior, but later instructions allow extra command execution such as `aliyun pts <command> --help` and additional scene/live-data calls. Even though these are read-oriented commands, the inconsistency weakens guardrails and can lead an agent to perform broader-than-promised enumeration or command exploration during failure handling.

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
This guide materially expands the skill’s operational envelope from a stated read-only PTS report analyzer into a general Alibaba Cloud CLI enablement document. In an agent setting, bundling broad cloud CLI installation, authentication, and service command usage increases the chance that downstream components or operators grant unnecessary cloud-management capability that is unrelated to report analysis.

Context-Inappropriate Capability

Medium
Confidence: 91%
Finding
The plugin installation and exploration section enables generalized product access beyond PTS report analysis, including ECS, VPC, RDS, and Function Compute command discovery. For a skill advertised as read-only and narrowly scoped, this unjustified capability expansion can facilitate privilege creep and accidental or unauthorized cloud operations.

VirusTotal

63/63 vendors flagged this skill as clean.
