Alicloud Ai Content Aicontent
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: alicloud-ai-content-aicontent Version: 1.0.4 The skill bundle is a standard implementation for managing Alibaba Cloud AIContent resources. The core logic in `scripts/list_openapi_meta_apis.py` fetches API metadata from official Alibaba Cloud endpoints (api.aliyun.com) using standard libraries and saves the results locally. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the credentials have broad permissions, the agent could access or change more Alibaba Cloud AIContent resources than intended.
The skill may use Alibaba Cloud account credentials, including a local shared credential profile, to call AIContent APIs. This is expected for the service integration but is sensitive authority.
Environment variables: `ALICLOUD_ACCESS_KEY_ID` / `ALICLOUD_ACCESS_KEY_SECRET` / `ALICLOUD_REGION_ID` ... Shared config file: `~/.alibabacloud/credentials`
Use least-privilege Alibaba Cloud credentials, verify the account and region before use, and avoid exposing long-lived high-privilege AccessKeys.
A mistaken resource identifier, region, or requested action could change the wrong AIContent configuration or workflow.
The skill explicitly supports mutating Alibaba Cloud AIContent resources. This matches the stated management purpose, but cloud mutations can have operational impact.
Change/configure: prefer `Create*` / `Update*` / `Modify*` / `Set*` APIs for mutations.
Review proposed mutating API calls before execution, confirm region and resource IDs, and prefer list/describe checks before and after changes.