Alicloud Compute Swas Open

This skill appears to do what it says (manage Alibaba SWAS) and the included scripts match the documentation, but take these precautions before installing or running it: - Credentials: The registry metadata does not declare required env vars, but the code and SKILL.md expect ALICLOUD_ACCESS_KEY_ID and ALICLOUD_ACCESS_KEY_SECRET (and optionally a security token and ALICLOUD_REGION_ID). Only provide least-privilege RAM credentials needed for intended operations; prefer temporary STS tokens where possible. - Review scripts locally: fix_ssh_access modifies /etc/ssh/sshd_config (enabling PermitRootLogin yes and PubkeyAuthentication) and appends a public key to authorized_keys. That is a powerful mutating action — confirm target instance IDs and the exact public key before running. Ensure the script's --pubkey argument points to a public key file, not a private key. - Start with read-only operations: run list_instances_all_regions.py and the summary scripts first to verify credentials and scope before running any mutating actions or RunCommand invocations. - Confirm region/endpoints: SKILL.md instructs choosing the correct region and endpoint (public vs VPC). If unsure, the agent should ask you before mutating operations. - Source trust: the skill's source is listed as unknown. If you require stronger assurance, ask the author/maintainer for provenance or run the scripts in a controlled environment first. If you are comfortable reviewing the code and using least-privilege credentials, the skill is coherent with its purpose; otherwise treat it as untrusted until provenance and credential requirements are clarified.