skills/aliyun/alibabacloud-adb-mysql-mcp-server/alibabacloud-adb-openclaw-insight/Gen Agent Trust Hub
alibabacloud-adb-openclaw-insight
Fail
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation in SKILL.md and README.md recommends downloading the uv package manager installer from astral.sh.\n- [REMOTE_CODE_EXECUTION]: The installation process for the uv tool involves piping a remote script into the shell (curl -LsSf https://astral.sh/uv/install.sh | sh). This is the official installation method for a well-known service, but involves direct remote code execution.\n- [COMMAND_EXECUTION]: The skill requires the agent to run Python modules (scripts.init_db, scripts.main) which perform file system and network operations for log collection and database management.\n- [DATA_EXFILTRATION]: The skill's primary purpose is to read local OpenClaw session and log files (from ~/.openclaw and /tmp) and transmit that data to an Alibaba Cloud AnalyticDB MySQL instance and external LLM APIs (OpenAI or Anthropic).\n- [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted chat logs and sends them to an LLM without robust boundary markers or sanitization.\n
- Ingestion points: Reads conversational data from local log files in scripts/collect_logs.py.\n
- Boundary markers: Prompts in scripts/analysis/behavior_insight.py and scripts/analysis/organizational_insight.py use simple numbering for log entries, which may not adequately isolate the LLM from instructions embedded within the logs.\n
- Capability inventory: The skill can write results to a remote database and generate summary reports based on LLM outputs.\n
- Sanitization: There is no specific filtering or sanitization of the log content to prevent instructions in the logs from influencing the analysis logic.
Recommendations
- HIGH: Downloads and executes remote code from: https://astral.sh/uv/install.sh - DO NOT USE without thorough review
Audit Metadata