TencentCloud OPS

Security checks across malware telemetry and agentic risk

Overview

This Tencent Cloud operations skill appears legitimate, but it asks for broad cloud control and includes destructive actions without built-in safeguards.

Install only if you are comfortable giving this skill live Tencent Cloud control. Use a dedicated sub-user, restrict policies to specific regions/resources/buckets where possible, avoid main-account keys, keep secrets out of Git, and manually review every stop/delete operation before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence: 97%
Finding: The code passes StoppedMode='KEEP_CHARGING' while the inline comment says '停机不收费' ('stopping does not incur charges'). This mismatch can mislead operators into leaving stopped instances in a billable state, causing unintended cost impact and unsafe operational decisions.

Missing User Warnings

Medium
Confidence: 94%
Finding: terminate_instance performs irreversible cloud resource deletion immediately with only an instance ID, and there is no confirmation prompt, dry-run mode, or safeguard against accidental invocation. In an ops skill, this increases the chance of destructive mistakes, service interruption, and permanent data loss.

Missing User Warnings

Medium
Confidence: 93%
Finding: delete_bucket deletes a storage bucket without any user-facing warning, confirmation, or pre-checks. Because buckets may contain important data or may fail in partially understood states, this makes accidental destructive operations more likely in a high-impact cloud administration context.

VirusTotal

66/66 vendors flagged this skill as clean.
