alibabacloud-nas-mount-diagnosis
Warn
Audited by Snyk on Jun 25, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The required runtime workflow ingests outsider-authored free text via the user-provided “Error message” and “Mount command” fields (Step 1), which are not authored by the operating user and are passed into the agent/LLM context for diagnosis.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs downloading and executing remote diagnostic scripts at runtime from nas-client-tools.oss-cn-hangzhou.aliyuncs.com (e.g. https://nas-client-tools.oss-cn-hangzhou.aliyuncs.com/linux_client/check_alinas_nfs_mount.py and https://nas-client-tools.oss-cn-hangzhou.aliyuncs.com/windows_client/alinas_smb_windows_inspection.ps1), which fetches and runs remote code as part of the recommended diagnosis flow.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs running privileged and state-changing operations (e.g., sudo mount, mkdir on root mounts, echo >> /etc/modprobe.d/..., systemctl enable remote-fs.target, registry edits, running privileged inspection scripts and requiring container root/privileged mode), which require elevated/sudo access and modify system files/settings, so it poses a risk of changing the machine state.
Issues (3)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
W013
MEDIUMAttempt to modify system services in skill instructions.
Audit Metadata