Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Aliyun Fc Agentrun

v1.0.0

Use when managing Function Compute AgentRun resources via OpenAPI (runtime, sandbox, model, memory, credentials), including creating runtimes/endpoints, quer...


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for cinience/aliyun-fc-agentrun.

Install the skill "Aliyun Fc Agentrun" (cinience/aliyun-fc-agentrun) from ClawHub.
Skill page: https://clawhub.ai/cinience/aliyun-fc-agentrun
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install aliyun-fc-agentrun

ClawHub CLI

npx clawhub@latest install aliyun-fc-agentrun

Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
Name/description align with the included scripts and references: the scripts call the AgentRun OpenAPI to create/list/delete runtimes/endpoints and manage related resources. Requiring Alibaba Cloud access keys and selecting a regional endpoint is expected for this purpose. However, the registry entry declares no required environment variables or primary credential while the SKILL.md and all scripts clearly require ALICLOUD_ACCESS_KEY_ID and ALICLOUD_ACCESS_KEY_SECRET (and optionally a security token) — this metadata mismatch is inconsistent.
Instruction Scope
SKILL.md restricts actions to AgentRun operations (create/publish endpoint/list/delete) and the three Python scripts only interact with the AgentRun SDK and write responses into an output/compute-fc-agentrun/ directory. There are no instructions to read arbitrary unrelated files, contact unexpected endpoints, or exfiltrate data beyond the AgentRun service. The scripts do exit if the SDK is missing, and they store API responses locally.
Install Mechanism
This is instruction-only (no install spec). The scripts import alibabacloud_agentrun20250910 and alibabacloud_tea_openapi SDK packages; SKILL.md points users to use the OpenAPI Explorer or SDK but does not provide automated install steps. That is not inherently malicious but raises usability/risk concerns: users must fetch/install the SDK from official sources (or generate it) before running the scripts. Lack of an explicit, verifiable SDK source means a user could accidentally install a malicious package if they follow ambiguous instructions.
Credentials
The scripts require cloud credentials (ALICLOUD_ACCESS_KEY_ID and ALICLOUD_ACCESS_KEY_SECRET) and optionally a security token; those are necessary for AgentRun operations and are proportionate to the stated functionality. However, the registry metadata does not declare these required environment variables or a primary credential. That discrepancy is a material concern: the skill will ask for sensitive credentials at runtime but does not advertise that requirement in its manifest, making it easier to overlook when granting keys. Recommend the skill manifest be updated to declare required env vars and the primary credential.
Persistence & Privilege
The skill does not request always:true, does not claim to run installs or modify other skills, and only writes outputs under its own output/compute-fc-agentrun/ folder. It does not request persistent system-wide privileges in the manifest. Autonomous invocation is allowed (platform default) but is not combined with other high-risk flags here.
What to consider before installing
This skill appears to do what it says (manage Alibaba Cloud AgentRun runtimes/endpoints) and the included Python scripts are straightforward. Before installing or running it, do the following:

  1. Do not provide long-lived full-admin credentials — create a RAM user with least privilege (only the AgentRun APIs needed: create/update/delete/list runtimes/endpoints, credential operations, etc.), or prefer temporary STS tokens.
  2. Verify and install the AgentRun SDK from official Alibaba Cloud sources (OpenAPI Explorer / official package repository) — do not install untrusted third-party packages.
  3. Note the manifest inconsistency: the registry does not declare the required env vars; treat this as a red flag and require the publisher to update the manifest to list ALICLOUD_ACCESS_KEY_ID, ALICLOUD_ACCESS_KEY_SECRET (and optional security token) as required.
  4. Run initial tests in an isolated or test account (or with tightly scoped credentials) and review the output files under output/compute-fc-agentrun/.
  5. If you need higher assurance, request source provenance (where the SDK should be obtained) or a corrected manifest from the publisher; otherwise consider the skill suspicious and limit any credentials used to a throwaway/test account.
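
The manifest inconsistency noted above can be checked mechanically before any keys are handed over. The following is an added example, not code from the skill or from ClawHub's scanner: it parses script source with Python's ast module, collects the environment variables read, and compares them with what the manifest declares. The manifest format is not shown on this page, so the declared names are passed in as a plain list (an assumption), and SAMPLE_SCRIPT is constructed for illustration.

```python
import ast

# Constructed sample shaped like the scripts the scan describes (not the skill's source).
SAMPLE_SCRIPT = '''
import os
endpoint = os.environ["AGENTRUN_ENDPOINT"]
ak = os.getenv("ALICLOUD_ACCESS_KEY_ID")
sk = os.environ.get("ALICLOUD_ACCESS_KEY_SECRET")
out = os.getenv("OUTPUT_DIR", "output/compute-fc-agentrun")
'''

SENSITIVE_HINTS = ("KEY", "SECRET", "TOKEN", "PASSWORD")  # naming heuristic, an assumption


def _is_os_environ(node):
    return (isinstance(node, ast.Attribute) and node.attr == "environ"
            and isinstance(node.value, ast.Name) and node.value.id == "os")


def _literal(node):
    # Only string literals count; dynamically built names cannot be resolved statically.
    ok = isinstance(node, ast.Constant) and isinstance(node.value, str)
    return node.value if ok else None


def env_vars_read(source):
    """Names read via os.environ[...], os.environ.get(...) or os.getenv(...) (Python 3.9+)."""
    names = set()
    for node in ast.walk(ast.parse(source)):
        name = None
        if isinstance(node, ast.Subscript) and _is_os_environ(node.value):
            name = _literal(node.slice)
        elif isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute) and node.args:
            f = node.func
            getenv = f.attr == "getenv" and isinstance(f.value, ast.Name) and f.value.id == "os"
            if getenv or (f.attr == "get" and _is_os_environ(f.value)):
                name = _literal(node.args[0])
        if name:
            names.add(name)
    return names


def audit(sources, declared):
    """Compare what the scripts read with what the manifest declares."""
    used = set().union(*(env_vars_read(s) for s in sources))
    undeclared = used - set(declared)
    secrets = sorted(v for v in undeclared if any(h in v for h in SENSITIVE_HINTS))
    return {"undeclared": sorted(undeclared), "undeclared_sensitive": secrets}


if __name__ == "__main__":
    print(audit([SAMPLE_SCRIPT], declared=[]))  # empty list mirrors the registry entry
```

To run it against an installed skill, read each file under its scripts/ directory and pass the contents as sources; any name in undeclared_sensitive is a credential the manifest did not advertise.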

Like a lobster shell, security has layers — review code before you run it.

latestvk978sqnhhsz80t29hyf0ke97r18419ga
85 downloads
0 stars
1 version
Updated 3w ago
v1.0.0
MIT-0

Category: service

Function Compute AgentRun (OpenAPI)

Use AgentRun OpenAPI (ROA) to manage runtimes, sandboxes, model services, memory, and credentials.

Prerequisites

  • AccessKey via RAM user (least privilege).
  • Select the correct regional endpoint (see references/endpoints.md). If unsure, choose the most reasonable region for the task or ask the user.
  • Use OpenAPI Explorer or official SDK to avoid manual signing (ROA requires SignatureV1).

Workflow

  1. Choose region endpoint (agentrun.cn-<region>.aliyuncs.com).
  2. Create runtime → publish version → create runtime endpoint.
  3. Create sandbox/template if needed.
  4. Configure credentials and model services as required.
  5. Query resources for troubleshooting.

API Groups

See references/api_overview.md for the full API list and grouping.

Script quickstart

python skills/compute/fc/aliyun-fc-agentrun/scripts/quickstart.py

Environment variables:

  • AGENTRUN_ENDPOINT
  • ALICLOUD_ACCESS_KEY_ID
  • ALICLOUD_ACCESS_KEY_SECRET
  • OUTPUT_DIR (optional)

Runtime flow script

AGENTRUN_RUNTIME_NAME="my-runtime" \
AGENTRUN_RUNTIME_ENDPOINT_NAME="my-runtime-endpoint" \
python skills/compute/fc/aliyun-fc-agentrun/scripts/runtime_flow.py

Environment variables:

  • AGENTRUN_ENDPOINT
  • ALICLOUD_ACCESS_KEY_ID
  • ALICLOUD_ACCESS_KEY_SECRET
  • AGENTRUN_RUNTIME_NAME
  • AGENTRUN_RUNTIME_ENDPOINT_NAME
  • AGENTRUN_RUNTIME_DESC (optional)
  • OUTPUT_DIR (optional)

Cleanup script

AGENTRUN_RUNTIME_ID="runtime-id" \
AGENTRUN_RUNTIME_ENDPOINT_ID="endpoint-id" \
python skills/compute/fc/aliyun-fc-agentrun/scripts/cleanup_runtime.py

Environment variables:

  • AGENTRUN_ENDPOINT
  • ALICLOUD_ACCESS_KEY_ID
  • ALICLOUD_ACCESS_KEY_SECRET
  • AGENTRUN_RUNTIME_ID
  • AGENTRUN_RUNTIME_ENDPOINT_ID
  • OUTPUT_DIR (optional)

SDK Notes

See references/sdk.md for SDK acquisition guidance.

Output Policy

If you store any generated files or responses, write them under: output/compute-fc-agentrun/.

Validation

mkdir -p output/aliyun-fc-agentrun
for f in skills/compute/fc/aliyun-fc-agentrun/scripts/*.py; do
  python3 -m py_compile "$f"
done
echo "py_compile_ok" > output/aliyun-fc-agentrun/validate.txt

Pass criteria: command exits 0 and output/aliyun-fc-agentrun/validate.txt is generated.

Output And Evidence

  • Save artifacts, command outputs, and API response summaries under output/aliyun-fc-agentrun/.
  • Include key parameters (region/resource id/time range) in evidence files for reproducibility.

References

  • API overview and operation list: references/api_overview.md

  • Regional endpoints: references/endpoints.md

  • SDK guidance: references/sdk.md

  • Source list: references/sources.md
