Security audit

Alibabacloud Ecs Disaster Recovery Snapshot

Security checks across malware telemetry and agentic risk

Overview

This skill performs disclosed Alibaba Cloud ECS disaster-recovery actions and includes user-confirmation and credential-safety rules, though users should understand it can create billable cloud resources.

Install only if you intend to let an agent help create Alibaba Cloud ECS snapshots, images, disks, VSwitches, and recovery instances. Use a tightly scoped RAM user or role, prefer STS or ECS RAM roles over long-lived access keys, confirm the target region/AZ and resource IDs carefully, and expect new cloud resources to incur costs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium (88% confidence)
The trigger list is broad enough to match generic backup, recovery, or replication requests that may not actually fit this skill’s narrow snapshot-based cross-AZ DR workflow. If routed incorrectly, the agent could initiate high-impact cloud operations such as snapshot creation, image creation, new instance launch, or disk attachment in situations where the user intended a safer read-only task or a different backup mechanism.

Missing User Warnings

Medium (92% confidence)
The guide instructs users to configure long-lived AccessKey credentials directly via CLI flags and shows them being stored in ~/.aliyun/config.json before immediately warning about safer alternatives. Long-lived secrets in command lines and local config files are easier to leak through shell history, screenshots, backups, endpoint compromise, or misconfigured file permissions, which is especially risky in an automation-oriented skill.

Missing User Warnings

Medium (90% confidence)
The document recommends environment variables for access keys in CI/CD, containers, and automation without warning that environment variables may be exposed through logs, crash reports, inherited subprocesses, debugging output, or orchestration metadata. In an agent or automation context, this increases the chance that cloud credentials are propagated broadly and unintentionally disclosed.

Missing User Warnings

Medium (88% confidence)
The file enumerates infrastructure-changing commands that can create snapshots, images, disks, VSwitches, and new ECS instances, but it does not warn operators that these actions incur cost, change cloud resources, and may affect production topology if run against the wrong targets. In a disaster-recovery skill this is expected functionality, but the absence of explicit cautions, confirmation guidance, and scoping advice increases the risk of accidental destructive or high-cost changes during stressful recovery operations.

VirusTotal

63/63 vendors flagged this skill as clean.
