Alicloud Data Lake Dlf Next
PassAudited by ClawScan on May 10, 2026.
Overview
The skill appears to do what it says, but it can use Alibaba Cloud credentials to change DLF Next resources, so users should confirm the account, region, and intended changes.
Use this skill only when you intend to manage Alibaba Cloud DLF Next. Configure least-privilege credentials, verify the account and region, and approve any create/update/modify/set action before it is run.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the wrong Alibaba Cloud key, account, or region is used, the agent could view or change resources within that credential's permissions.
The skill tells the agent to use Alibaba Cloud account credentials, including a local shared credential file. This is expected for DLF Next management, but it grants delegated cloud authority.
AccessKey priority ... `ALICLOUD_ACCESS_KEY_ID` / `ALICLOUD_ACCESS_KEY_SECRET` / `ALICLOUD_REGION_ID` ... Shared config file: `~/.alibabacloud/credentials`
Use a least-privilege Alibaba Cloud RAM user or role scoped to DLF Next, and confirm the intended account and region before use.
Approved mutation requests may create or alter data lake governance resources in Alibaba Cloud.
The skill explicitly supports mutating DLF Next resources through OpenAPI/SDK calls. That is aligned with its management purpose, but these actions can change cloud resources.
Change/configure: prefer `Create*` / `Update*` / `Modify*` / `Set*` APIs for mutations.
Require explicit confirmation of the target region, resource identifiers, and intended change before any create, update, modify, or set API call.