alibabacloud-ecs-sec-inspect
Fail
Audited by Snyk on Jun 23, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill mandates executing system commands and embedding command outputs/evidence in reports (e.g., catting files under /root, reading system/log files) so the agent will likely read and output sensitive secrets/keys/hashes verbatim, creating a high exfiltration risk.
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.70). This list mainly contains legitimate security/academic resources (GitHub, NIST, MITRE, arXiv, vendor blogs) but also includes several unvetted GitHub release endpoints, direct binary release URLs, OpenClaw/skill-related release APIs, raw IP/placeholders and other artifacts that are high-risk supply‑chain or C2 vectors if fetched or executed without verification—treat the release/download links and IP patterns as suspicious until their provenance and signatures are validated.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill's python runtime guide (references/python-runtime.md) instructs the agent at runtime to curl and extract the standalone Python tarball from https://github.com/indygreg/python-build-standalone/releases/download/20241206/cpython-3.11.11+20241206-x86_64-unknown-linux-gnu-install_only_stripped.tar.gz and then run that binary to execute scripts/main.pyz, which is a clear runtime remote fetch that results in executing externally downloaded code.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs the agent to run multiple sudo setup/install scripts that change permissions and install files into system/AI-tool directories (and includes sudo verification commands reading root-owned files), thereby requesting elevated privileges and actions that modify the machine state.
Issues (4)
W007
HIGHInsecure credential handling detected in skill instructions.
E005
CRITICALSuspicious download URL detected in skill instructions.
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
W013
MEDIUMAttempt to modify system services in skill instructions.
Audit Metadata