Alicloud Database RDS Custom

This skill appears to do what it says (call aliyun CLI to list RDS Custom instances), but there are a few inconsistencies to consider before installing: - The metadata does not declare required binaries or config paths, yet the skill requires the 'aliyun' CLI and 'jq' and asks you to run 'aliyun configure' to provide AccessKey ID/Secret. Expect the CLI to store credentials on disk (local aliyun CLI config). Only proceed if you trust the skill source. - The instructions recommend executing a remote installer via curl | bash (https://aliyuncli.alicdn.com/install.sh). While this is likely the official installer, running remote install scripts is higher-risk; review the installer first or install the CLI via your OS package manager if available. - Provide least-privilege credentials: create an AccessKey with read-only permissions limited to RDS listing if possible, rather than using a high-privilege key. - Verify jq is installed (or adapt the script), and inspect the included script (scripts/query_rc_instances.sh) before executing it — it's short and only parses CLI output, but you should confirm no unexpected network calls or data exfiltration. - If you are concerned about autonomous invocation, confirm how your agent platform grants skills access and consider limiting automatic invocation or reviewing logs when the skill runs. If you want, I can: (1) point out the exact local paths where aliyun CLI stores credentials on your OS, (2) produce a checked, safer installation sequence that avoids curl | bash, or (3) produce a read-only ACL policy example for minimal credentials.