Alicloud Data Lake Dlf
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent Alibaba Cloud Data Lake management helper, but it can use Alibaba Cloud credentials and perform user-requested resource changes, so use least-privilege access.
Install only if you intend the agent to help manage Alibaba Cloud Data Lake Formation. Provide narrowly scoped Alibaba Cloud credentials, confirm all mutating actions before execution, and review saved output files for any cloud resource details before sharing them.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Any permissions attached to the provided Alibaba Cloud credentials could be used for Data Lake Formation operations.
The skill expects Alibaba Cloud account credentials, including a local shared credentials file. This is purpose-aligned for managing Alibaba Cloud resources, and there is no artifact evidence of credential leakage, but the authority is sensitive.
Environment variables: `ALICLOUD_ACCESS_KEY_ID` / `ALICLOUD_ACCESS_KEY_SECRET` / `ALICLOUD_REGION_ID` ... Shared config file: `~/.alibabacloud/credentials`
Use a least-privilege RAM user or role limited to the needed DataLake actions and region, avoid broad account keys, and rotate credentials if they may have been exposed.
A mistaken command or wrong resource identifier could create or change Data Lake Formation catalog or configuration resources.
The skill explicitly supports mutating DataLake resources through Alibaba Cloud APIs. That is coherent with its purpose, and the workflow includes confirming region, resource identifiers, and desired action, but incorrect mutations could affect cloud resources.
Change/configure: prefer `Create*` / `Update*` / `Modify*` / `Set*` APIs for mutations.
Before any mutation, confirm the API name, region, resource IDs, intended change, and rollback plan; verify results with read-only Describe/List calls.