Back to skill

Security audit

Alibabacloud Yike Storyboard

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Alibaba Cloud/Yike storyboard workflow, but users should treat uploads and cloud credentials carefully.

Install this only if you intend to use Alibaba Cloud Yike and are comfortable uploading the chosen script or novel to Alibaba Cloud services. Use a least-privileged RAM user or short-lived STS credentials, avoid putting real access keys in command history, shared logs, or chat, review installer commands before running them, and confirm the exact file path, Alibaba account, region, and storyboard settings before upload.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to upload user-provided novel/script files to OSS and submit them to Alibaba ICE/Yike services, but it does not prominently warn users that their local content will be transmitted to third-party cloud services. This creates a meaningful privacy and consent risk, especially for sensitive manuscripts, proprietary scripts, or personal data embedded in uploaded files.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The acceptance criteria explicitly show `aliyun oss cp --mode StsToken --access-key-id xxx --access-key-secret xxx --sts-token xxx`, which normalizes passing cloud credentials on the command line. Command-line secrets are commonly exposed through shell history, process listings, logs, CI output, and debugging transcripts, creating a realistic credential leakage risk. In this skill's context, that risk is more serious because the workflow is designed for agent-assisted cloud operations, where examples are likely to be copied directly by users or emitted by automation.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The guide recommends exporting long-lived Alibaba Cloud access keys into shell environment variables without clearly warning that such credentials may be exposed through process inspection, inherited child processes, CI logs, shell startup files, or accidental persistence. In a skill meant to support automation and video-production workflows, users may copy these examples into scripts or shared environments, increasing the chance of credential leakage and cloud account compromise.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The verification instructions tell the operator to run `aliyun configure list` and consider output containing `AccessKeyId` or STS credential information as success, but they do not warn that this output is sensitive or instruct the user to avoid logging, sharing, or exposing it. In an agent or support workflow, this increases the chance credentials are displayed in chat transcripts, terminal captures, or logs, enabling credential disclosure and subsequent cloud account misuse.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script uploads a user-supplied local file to Alibaba OSS over the network but provides no explicit warning, confirmation, or consent checkpoint immediately before transmission. In a conversational agent skill, this is risky because users may not realize that local content is being exfiltrated to a remote cloud bucket, especially when the file may contain proprietary manuscript or script data.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.