
Security audit

Alibabacloud Pai Rec Diagnosis

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for Alibaba Cloud PAI-Rec troubleshooting, but users should grant narrow read-only access and redact diagnostic data before sharing it.

Install only if you need Alibaba Cloud PAI-Rec diagnostics. Use a dedicated low-privilege RAM user or role, prefer the resource-specific read-only policy, approve any CLI/plugin updates before running them, and redact credentials, tokens, request payloads, customer identifiers, internal endpoints, and raw logs before sharing outputs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 88%

Finding
The document provides copy-pasteable steps to create and attach RAM policies, including a wildcard Resource '*' variant, without clearly warning that this changes IAM permissions and may grant broader read access than intended. In a diagnostic skill, read-only access is operationally relevant, but logs and configuration data can still expose sensitive metadata, so omitting explicit privilege-scope warnings creates a real least-privilege risk.
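As an added example (not code from the audited skill or from SkillSpector), the following Python linter checks a RAM policy document for the two problems this finding describes: a wildcard Resource and actions that are not read-only. The service code `pairec`, the action names, the account ID and the resource ARN in the sample policies are assumed placeholders; substitute the authoritative action list and ARN format for the service you are scoping.

```python
"""Lint an Alibaba Cloud RAM policy document for least-privilege violations.

Added example, not code from the audited skill. The service code "pairec",
the action names and the resource ARNs below are assumed placeholders.
"""
from __future__ import annotations

import json
from typing import Any

# Verbs treated as read-only (assumption: adjust to the service's real action list).
READ_ONLY_VERB_PREFIXES = ("Get", "List", "Describe", "Query", "Check")


def _as_list(value: Any) -> list:
    """RAM allows Action and Resource to be a single string or a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _is_read_only(action: str) -> bool:
    """RAM actions look like "service:Verb"; "service:*" and "*" are never read-only."""
    verb = action.split(":", 1)[-1]
    return any(verb.startswith(p) for p in READ_ONLY_VERB_PREFIXES)


def lint_policy(policy_json: str) -> list[str]:
    """Return human-readable findings for every Allow statement; [] means it passed."""
    policy = json.loads(policy_json)
    findings: list[str] = []
    for index, stmt in enumerate(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        wild_resources = [r for r in _as_list(stmt.get("Resource")) if "*" in r]
        if wild_resources:
            findings.append(
                f"statement {index}: wildcard Resource {wild_resources} reaches "
                f"resources other than the instance being diagnosed"
            )
        non_read_only = [a for a in _as_list(stmt.get("Action")) if not _is_read_only(a)]
        if non_read_only:
            findings.append(f"statement {index}: non-read-only actions {non_read_only}")
    return findings


# Constructed sample policies (placeholder service code, actions and account id).
WILDCARD_POLICY = json.dumps({
    "Version": "1",
    "Statement": [{"Effect": "Allow", "Action": "pairec:*", "Resource": "*"}],
})

SCOPED_READ_ONLY_POLICY = json.dumps({
    "Version": "1",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["pairec:GetInstance", "pairec:ListInstances", "pairec:DescribeLogs"],
        "Resource": "acs:pairec:cn-hangzhou:1234567890123456:instance/pairec-abc123",
    }],
})

# Read-only verbs but a wildcard account and instance: still too broad.
WILDCARD_ACCOUNT_POLICY = json.dumps({
    "Version": "1",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["pairec:GetInstance"],
        "Resource": "acs:pairec:cn-hangzhou:*:instance/*",
    }],
})

if __name__ == "__main__":
    for name, doc in [("wildcard", WILDCARD_POLICY),
                      ("scoped", SCOPED_READ_ONLY_POLICY),
                      ("wildcard-account", WILDCARD_ACCOUNT_POLICY)]:
        print(name, lint_policy(doc) or "OK")
```

Run it against the policy JSON before you attach it to the RAM user or role; anything it reports is a widening of scope that the skill's instructions do not warn about.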

Missing User Warnings

Severity: Low
Confidence: 90%

Finding
The file documents `aliyun configure list` as a routine utility command without warning that its output enumerates configured authentication profiles and auth methods. In an agent/skill context, encouraging or normalizing this command can expose sensitive operational metadata about available credentials and profiles, which may aid reconnaissance even if it does not directly print secret keys.

Missing User Warnings

Severity: Medium
Confidence: 91%

Finding
The guide tells operators to collect and share command outputs, error messages, IDs, and timestamps without warning that logs and CLI output may contain secrets, request payloads, internal endpoints, or customer identifiers. In a diagnostic skill context, this increases the risk of sensitive data being copied into chat, tickets, or other less-trusted channels.
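As an added example (not part of the audited skill), here is a Python redaction pass to run over CLI output and logs before pasting them into a ticket or chat. The sample output is constructed. The `LTAI` prefix on AccessKey IDs and the `-internal.aliyuncs.com` suffix on VPC endpoints are real Alibaba Cloud conventions; the key length bound, the token patterns and the `user_id` field name are assumptions to adapt to your environment.

```python
"""Redact secrets and sensitive identifiers from diagnostic output before sharing.

Added example, not code from the audited skill. The patterns are heuristics:
they catch the common shapes, not every secret, so review the output by eye too.
"""
from __future__ import annotations

import re

# (label, pattern, replacement). Replacements keep the key name so the log
# stays readable while the value disappears. Order matters: run identifier
# patterns before generic token patterns.
RULES = [
    # Alibaba Cloud AccessKey IDs start with "LTAI" (the length bound is an assumption).
    ("ACCESS_KEY_ID", re.compile(r"\bLTAI[A-Za-z0-9]{12,24}\b"), "<REDACTED:ACCESS_KEY_ID>"),
    # Secrets and tokens that follow a known key or header; group 1 is kept.
    ("SECRET", re.compile(r"(?i)(AccessKeySecret=|SecurityToken=|Bearer\s+)[A-Za-z0-9+/=._-]{16,}"),
     r"\1<REDACTED:SECRET>"),
    # Alibaba Cloud VPC-internal endpoints reveal internal topology.
    ("INTERNAL_HOST", re.compile(r"\b[\w.-]*-internal\.aliyuncs\.com\b"), "<REDACTED:INTERNAL_HOST>"),
    # RFC 1918 addresses.
    ("PRIVATE_IP", re.compile(r"\b(?:10\.\d{1,3}|192\.168|172\.(?:1[6-9]|2\d|3[01]))\.\d{1,3}\.\d{1,3}\b"),
     "<REDACTED:PRIVATE_IP>"),
    # Customer identifier in request payloads (assumed field name; adapt to your schema).
    ("USER_ID", re.compile(r'("user_id"\s*:\s*")[^"]*(")'), r"\1<REDACTED:USER_ID>\2"),
]


def redact(text: str) -> tuple[str, dict[str, int]]:
    """Return the redacted text and a per-label count of replacements made."""
    counts: dict[str, int] = {}
    for label, pattern, replacement in RULES:
        text, n = pattern.subn(replacement, text)
        if n:
            counts[label] = n
    return text, counts


# Constructed sample of the kind of output a troubleshooting session produces.
SAMPLE_OUTPUT = """\
2024-05-02T10:15:03Z ERROR call to https://pairec-vpc-cn-hangzhou-internal.aliyuncs.com/v1/recommend failed
config: AccessKeyId=LTAI5tExampleKey1234 AccessKeySecret=abcdefghijklmnopqrstuvwxyz1234 host=10.20.30.40
curl -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.e30.sig_value_here" ...
request body: {"user_id": "u-8827361", "scene": "home_feed"}
"""

if __name__ == "__main__":
    redacted, counts = redact(SAMPLE_OUTPUT)
    print(redacted)
    print("replacements:", counts)
```

The per-label counts are worth keeping: a run that reports zero replacements on output you expected to contain a key is a sign the pattern list does not match your environment, not a sign the output is clean.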

VirusTotal

All 62 VirusTotal vendors reported this skill as clean (0/62 detections).


Static analysis

No suspicious patterns detected.