Volcengine Compute Function
PassAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill matches its Volcengine deployment purpose, but users should explicitly scope and approve any cloud deployment actions.
This skill appears coherent and benign as an instruction-only helper for Volcengine Function Compute. Install or use it only if you intend the agent to help deploy and validate serverless functions, and make sure you approve target account, region, function, trigger, package, environment variables, and rollback plan before any real deployment.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may deploy or invoke a Volcengine function if the user provides suitable tools or credentials, which can affect cloud resources or produce costs.
These are cloud-changing and execution-triggering actions. They are purpose-aligned for a serverless deployment skill, but should be scoped to the intended function, region, and environment.
Deploy function and verify latest revision. Invoke test event and return logs/latency summary.
Before use, confirm the target account, region, function name, trigger type, package contents, and rollback plan; require explicit approval before deploying to production.
If run with broad cloud permissions, mistakes could modify the wrong function, region, trigger, or environment.
Operating cloud workloads normally requires delegated cloud account permissions. The artifacts do not show credential collection or misuse, but users should ensure any credentials used are appropriately scoped.
Build and operate Volcengine Function Compute workloads.
Use least-privilege Volcengine credentials and specify the intended account, region, and resource identifiers before allowing deployment actions.