spring-cloud-alibaba

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [External Downloads] (HIGH): The skill instructs the agent to download the Nacos Server archive using wget from https://github.com/alibaba/nacos/releases/download/2.2.0/nacos-server-2.2.0.tar.gz. Per security protocol, the alibaba GitHub organization is not included in the list of Trusted External Sources, making this an untrusted download.
  • [Remote Code Execution] (HIGH): Following the download of the unverified archive, the skill provides commands to extract and immediately execute a shell script (sh startup.sh). This pattern of downloading then executing remote code from an untrusted source is a significant security risk.
  • [Command Execution] (HIGH): The skill contains multiple shell commands (tar, cd, sh) that operate on the host system. When these commands are used to execute logic from untrusted external sources, they facilitate potential system compromise.
  • [Malicious Content] (MEDIUM): Automated scanners flagged the domain accountService.de as a phishing site. This specific character sequence is present in the Java code snippet accountService.deductBalance. Although it appears as a variable and method call, the use of strings that resolve to known malicious domains can be a technique for bypassing simple security filters or initiating outbound requests if the environment resolves the variable name as a host.
Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 09:50 PM