Security audit

Alibabacloud Agent Toolkit Install

Security checks across malware telemetry and agentic risk

Overview

This is mostly a coherent Alibaba Cloud toolkit installer, but it includes an automatic cloud token-generation check using a non-standard hardcoded API command that users should review carefully.

Install only if you expect this skill to configure Alibaba Cloud tooling for your account. Review every install command before approving it, prefer vendor-documented installers where possible, and pay special attention to the automatic RamOAuth bearer-token check because it uses your existing Alibaba Cloud credentials with a hardcoded internal-scope command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • System Prompt Leakage: Direct Leakage, Indirect Extraction, Tool-Based Exfiltration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

External Script Fetching

Low
Category
Supply Chain
Content
| Platform        | Command |
|-----------------|---------|
| macOS / Linux   | `curl -LsSf https://astral.sh/uv/install.sh \| sh` |
| Windows (PowerShell) | `powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 \| iex"` |

> **Security note:** These are pipe-to-shell commands. Show the command to the user
Confidence
95% confidence
Finding
curl -LsSf https://astral.sh/uv/install.sh | sh

Direct Prompt Extraction

High
Category
System Prompt Leakage
Content
|----------------|----------------|
| **Auto** (read-only check) | Execute without asking. |
| **Confirm** (local install / CLI plugin install) | Show the user the exact command, explain what it does, and **wait for explicit approval** before executing. Never pipe-to-shell silently. |
| **User-only** (interactive / browser-based) | Display instructions for the user to run in a **separate terminal**. Do not attempt to execute. |
| **Confirm-cloud** (cloud-side write) | Explain the cloud resource that will be created, then **wait for explicit approval** before executing. |

---
Confidence
85% confidence
Finding
Display instructions

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.