Alibabacloud Sas Multiaccount Manage

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims: it uses Alibaba Cloud CLI credentials to export and merge Security Center reports, and no hidden destructive behavior was found.

Install only if you intend to run Alibaba Cloud SAS exports from this machine. Use least-privilege RAM credentials, run the scripts in a dedicated working directory, review accounts.json before batch exports, and remember that the aliyun CLI AI-mode/User-Agent setting persists until changed back.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 92%
Finding: The skill documentation describes capabilities to read and write local files, invoke shell commands, and access the network via the Alibaba Cloud CLI and Python scripts, but it does not declare any permissions. This creates a transparency and policy-enforcement gap: an agent or reviewer may underestimate the skill's access level, while the skill can modify local state (accounts.json, exported reports), contact external services, and execute CLI operations against cloud accounts.

VirusTotal

67/67 vendors flagged this skill as clean.
