alibabacloud-emas-apm-remotelog

Fail

Audited by Snyk on Jul 6, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The skill explicitly documents the ability to remotely resolve user devices and trigger/collect device-side logs (create-tlog-task, search-tlog, get-tlog-collect-list), i.e. a direct data-exfiltration capability tied to user identities that is highly privacy-sensitive and can be abused to harvest user data; no obfuscated code, hidden eval/remote shells, or credential-stealing routines were observed in the content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill's installation step requires fetching and executing a remote installer via curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash (host: aliyuncli.alicdn.com), which downloads and runs remote code and is a required dependency for the CLI-based skill.

Issues (2)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jul 6, 2026, 02:35 AM
Issues
2
Security Audit — snyk — alibabacloud-emas-apm-remotelog