Back to skill

Security audit

Alibabacloud Ebs Disk Metric Analyzer

Security checks across malware telemetry and agentic risk

Overview

This is mainly a read-only Alibaba Cloud disk metrics skill, but its setup can run remote installer code, change global CLI settings, and steer users toward risky credential handling.

Install only if you are comfortable with Alibaba Cloud CLI configuration changes. Prefer a verified package manager or signed download over `curl | bash`, use a least-privilege RAM user or role limited to EBS metric reads, configure credentials outside the agent without pasting secrets into commands, avoid broad role/plugin examples, and confirm AI-mode is disabled after use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The skill requires enabling Alibaba Cloud CLI AI-mode and setting a custom user agent before any CLI invocation, even though simple metric queries do not inherently require this state change. This expands the execution footprint, introduces persistent configuration changes, and can affect subsequent commands or sessions if cleanup is missed, making the behavior unnecessary and risk-increasing for a read-only monitoring task.

Intent-Code Divergence

Medium
Confidence
90% confidence
Finding
The skill states that no cleanup is required, but elsewhere mandates disabling AI-mode on every exit path. This contradiction increases the chance that AI-mode remains enabled after execution, leaving persistent altered CLI state that may influence later operations or expose users to unintended agent behavior beyond this skill.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The guide substantially exceeds the stated EBS disk metric analysis scope by teaching general Aliyun CLI installation, credential setup, privilege modes, debugging, plugin usage, and unrelated service exploration. In an agent skill context, this broadens the operational blast radius and can steer users or automation toward unnecessary cloud administration actions beyond read-only monitoring.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The guide includes RamRoleArn, RamRoleArnWithEcs, and other elevated or cross-account authentication modes that are not justified for simple disk-metric analysis. In an automation or agent setting, normalizing these patterns can lead users to provision excessive permissions or cross-account trust relationships, increasing the consequences of misuse or compromise.

Context-Inappropriate Capability

Low
Confidence
92% confidence
Finding
The section encourages installing unrelated product plugins and exploring commands such as ECS, VPC, RDS, and FC, which are outside the skill's EBS monitoring purpose. This creates unnecessary capability expansion and increases the chance that users or agents perform unintended actions in other Alibaba Cloud services.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The guide provides multiple examples of passing access keys and secrets directly on the command line and exporting them as environment variables, which can expose credentials through shell history, process listings, logs, CI output, and shared environments. Although common in setup docs, presenting these patterns without strong warnings and safer alternatives is risky, especially for agent-driven automation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.