Back to skill

Security audit

Alibabacloud Das Agent

Security checks across malware telemetry and agentic risk

Overview

This skill is a real Alibaba Cloud DAS helper, but it gives an agent broad, credentialed database-management reach without enough safeguards or user confirmation.

Install only if you intend to let an agent use Alibaba Cloud DAS with your database environment. Use a dedicated least-privilege RAM role, avoid production administrator or FullAccess credentials, avoid putting secrets in prompts, start a fresh session for unrelated work, and require explicit human approval before any action that could affect availability, data, billing, or account state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger guidance is broad enough to match casual phrases like 'my database is slow' or 'help me check this SQL', which can cause the skill to activate unexpectedly. Because this skill sends prompts and diagnostic context to an external Alibaba Cloud service and may operate on real cloud resources, accidental invocation can expose sensitive operational data or trigger unintended remote actions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill description does not clearly warn users that their questions, instance context, and troubleshooting details are transmitted to an external Alibaba Cloud DAS service. In a database diagnostics context, prompts may contain instance IDs, SQL text, error messages, or other sensitive operational data, so lack of disclosure undermines informed consent and increases privacy/data-handling risk.

Session Persistence

Medium
Category
Rogue Agent
Content
The Alibaba Cloud Credentials SDK automatically resolves credentials from multiple sources (environment variables, configuration files, ECS RAM roles, etc.). Refer to the [official credential configuration documentation](https://www.alibabacloud.com/help/en/sdk/developer-reference/v2-manage-python-access-credentials) for setup instructions.

If you have purchased a DAS Agent subscription, create and manage your Agent ID at: https://das.console.aliyun.com/

## Troubleshooting
Confidence
90% confidence
Finding
create and manage your Agent ID at: https://das.console.aliyun.com/ ## Troubleshooting ### Credential Resolution Failed If the script exits with a credential-related error, it means the Alibaba Clo

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.