Back to skill

Security audit

Alibabacloud Ddoscoo Domain Configuration Backup

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Alibaba Cloud DDoS configuration backup and restore helper, with notable operational risk but no evidence of hidden or malicious behavior.

Install only for Alibaba Cloud DDoS Pro domain backup or migration work. Use a least-privilege RAM user, prefer short-lived STS credentials, avoid pasting access keys into commands that may be logged, confirm the exact region and domain scope before every run, and review dry-run diffs carefully before import because imports can change live DDoS protection behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Natural-Language Policy Violations

Medium
Confidence
90% confidence
Finding
The skill explicitly maps user wording like 'mainland China' or 'international / overseas' to a region value, which can cause the agent to act on inferred infrastructure scope rather than an explicitly confirmed region. In a destructive import/export workflow for production DDoS configuration, that ambiguity can lead to backing up, restoring, or modifying the wrong regional environment and missing assets in the other region.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The guide demonstrates passing long-lived access keys directly on the command line and via environment variables without warning that secrets can leak through shell history, process inspection, CI logs, or terminal recording. In an automation-oriented skill, users are especially likely to paste these patterns into scripts and pipelines, increasing the chance of credential exposure and subsequent cloud account compromise.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
Recommending `aliyun configure get` and debug logging without warning about sensitive output can lead users to print credential-related configuration or request-signing details into terminals, tickets, or CI logs. In a cloud administration context, such disclosures can leak operational secrets or materially aid follow-on attacks.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The workflow instructs the agent to write generated YAML files to local disk without requiring explicit user confirmation, a destination choice, or overwrite safeguards. In an agent context, this can lead to unintended file creation or overwriting of existing files, especially if filenames collide or if the working directory is sensitive.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.