tsa-risk
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill matches its Tencent Cloud Advisor purpose, but it asks for persistent cloud credentials and can create a broad full-access cloud role with some misleading permission wording.
Review carefully before installing. Use a least-privileged Tencent Cloud credential, avoid storing long-term AK/SK keys permanently if possible, and do not run the role creation step unless you accept the exact CAM policies. Consider creating a narrower read-only Advisor role manually and ensure Python has proper CA certificates so TLS verification is never disabled.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user runs the role creation step, the skill can leave a cloud role with write-capable Advisor and tag-management permissions in the Tencent Cloud account.
The role creation script attaches full Tencent Cloud Tag and Advisor policies to the generated advisor role. This is high-impact account authority and appears broader than the described Advisor risk-inspection and login-link use case.
POLICY_NAMES = ["QcloudTAGFullAccess", "QcloudAdvisorFullAccess"] ... "AttachRolePolicy"
Create or require a least-privileged read-only role for the specific Advisor APIs, avoid QcloudTAGFullAccess unless strictly necessary, and show the exact policies before asking for approval.
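As an added illustration of the remediation above (not code from the skill or from ClawScan), the pre-flight below lists the exact managed policies the role creation step would attach, classifies each by name, and refuses to continue unless every write-capable policy has been explicitly acknowledged by name. The suffix-based classification is an assumption about Tencent Cloud's managed-policy naming, not a CAM API call; the two policy names come from the audited script.

```python
from typing import Dict, Iterable, List

# Added example, not the skill's own code. Policy names below are the two
# quoted in the audit; the scope classification is a naming heuristic.
POLICY_NAMES = ["QcloudTAGFullAccess", "QcloudAdvisorFullAccess"]


class ApprovalRequired(Exception):
    """Raised when write-capable policies have not been acknowledged."""


def classify_policy(name: str) -> str:
    """Classify a managed policy by its name suffix (assumed convention)."""
    if name.endswith("FullAccess"):
        return "read-write"
    if name.endswith("ReadOnlyAccess"):
        return "read-only"
    return "unknown"  # treated as write-capable below (fail closed)


def review_policies(names: Iterable[str]) -> List[Dict[str, str]]:
    """Produce the exact list a user should see before approving."""
    return [{"policy": n, "scope": classify_policy(n)} for n in names]


def gate_role_creation(names: Iterable[str], acknowledged: Iterable[str]) -> List[str]:
    """Return the policies to attach, or raise if approval is incomplete.

    Every policy that is not clearly read-only must appear in `acknowledged`
    by its exact name, so a user cannot approve a vague summary by mistake.
    """
    review = review_policies(names)
    needs_ack = [r["policy"] for r in review if r["scope"] != "read-only"]
    missing = sorted(set(needs_ack) - set(acknowledged))
    if missing:
        raise ApprovalRequired(
            "explicit acknowledgement required for: " + ", ".join(missing)
        )
    return [r["policy"] for r in review]


if __name__ == "__main__":
    for row in review_policies(POLICY_NAMES):
        print(f"{row['policy']:28s} {row['scope']}")
    try:
        gate_role_creation(POLICY_NAMES, acknowledged=[])
    except ApprovalRequired as exc:
        print("blocked:", exc)
    print("proceeding with:", gate_role_creation(POLICY_NAMES, POLICY_NAMES))
```

Running the gate with an empty acknowledgement list blocks the step and names both full-access policies; only after the caller passes those exact names does it return the attachment list.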
A user may approve broader cloud permissions than they realize.
The documentation alternates between describing the role as read-only/no other resource impact and acknowledging full read/write tag and Advisor policies. This can mislead a user when approving IAM changes.
The policy `QcloudAdvisorFullAccess` will be attached (Advisor read-only access, no impact on other cloud resources) ... `QcloudTAGFullAccess` (full tag read/write access), `QcloudAdvisorFullAccess` (full Advisor read/write access) ... no impact on other cloud resources
Use consistent, accurate wording: state that these are full-access managed policies, explain why each is needed, and offer a narrower manual configuration.
On a hostile network, temporary cloud login/session material could be exposed or tampered with.
If certifi is unavailable, the login URL script disables HTTPS certificate and hostname verification for provider calls that obtain temporary credentials and generate a console login URL.
except ImportError:
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
Do not disable TLS verification. Require a valid CA bundle, add certifi as an explicit dependency, or fail closed with a clear setup error.
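The fail-closed alternative, as an added example that is not part of the skill or of the audit: when certifi is not importable the function falls back to the platform trust store, and if no CA certificate ends up loaded it raises a setup error instead of clearing `check_hostname` and `verify_mode`. The optional `ca_bundle` parameter is an assumed caller-supplied path; the audited except-branch is reproduced only so the two contexts can be compared.

```python
import ssl
from typing import Optional

# Added example, not the skill's own code. A TLS context builder that never
# downgrades verification; missing trust material is a hard error.


class MissingTrustStoreError(RuntimeError):
    """No CA certificates available; the caller must fix its setup."""


def _certifi_bundle() -> Optional[str]:
    """Path to certifi's CA bundle, or None if certifi is not installed."""
    try:
        import certifi  # optional dependency; absent on minimal installs
    except ImportError:
        return None
    return certifi.where()


def make_verified_context(ca_bundle: Optional[str] = None) -> ssl.SSLContext:
    """Return an SSLContext that always verifies the peer.

    Trust sources, in order: an explicit ca_bundle (assumed path), certifi
    if importable, then the platform store that create_default_context()
    already loads. If none yields a CA certificate, raise.
    """
    ctx = ssl.create_default_context()  # CERT_REQUIRED, check_hostname=True
    bundle = ca_bundle or _certifi_bundle()
    if bundle is not None:
        ctx.load_verify_locations(cafile=bundle)
    # cert_store_stats() reports how many CA certificates are actually loaded.
    if ctx.cert_store_stats()["x509_ca"] == 0:
        raise MissingTrustStoreError(
            "no CA certificates found: install certifi or pass ca_bundle="
        )
    return ctx


def verification_enabled(ctx: ssl.SSLContext) -> bool:
    """True only if both hostname and certificate checks are on."""
    return ctx.check_hostname and ctx.verify_mode == ssl.CERT_REQUIRED


def audited_fallback_context() -> ssl.SSLContext:
    """The context the audited except-branch builds, for comparison only."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False   # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


if __name__ == "__main__":
    print("audited fallback verifies peer:",
          verification_enabled(audited_fallback_context()))
    try:
        ctx = make_verified_context()
        print("fail-closed context verifies peer:", verification_enabled(ctx))
    except MissingTrustStoreError as exc:
        print("setup error:", exc)
```

`verification_enabled` doubles as a quick check to run against any context a script hands to `urllib` or `http.client`: if it returns False, temporary credentials and the console login URL are being fetched without peer authentication.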
Long-lived cloud keys stored in shell profiles can be accidentally exposed to other tools, backups, or local users.
Tencent Cloud credentials are expected for this integration, but the documentation encourages storing long-lived AK/SK credentials persistently in shell or user environment configuration.
**Environment variables must be written permanently to the shell configuration file** ... echo 'export TENCENTCLOUD_SECRET_KEY="your-secret-key"' >> ~/.bashrc
Prefer temporary or least-privileged credentials, avoid writing long-term secrets to shared shell profiles when possible, and rotate keys if they may have been exposed.
Version-check messages could be confusing or refer to the wrong package.
The evaluated registry slug is tsa-risk, but the local metadata slug is tsa; the visible environment-check code uses _meta.json for remote version inspection, so update/provenance checks may target a different skill name.
"slug": "tsa"
Align _meta.json with the published slug and document any external version-check command or network destination.
