Volcengine Compute Function
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may deploy or invoke a Volcengine function if the user provides suitable tools or credentials, which can affect cloud resources or produce costs.
These are cloud-changing and execution-triggering actions. They are purpose-aligned for a serverless deployment skill, but should be scoped to the intended function, region, and environment.
Deploy function and verify latest revision. Invoke test event and return logs/latency summary.
Before use, confirm the target account, region, function name, trigger type, package contents, and rollback plan; require explicit approval before deploying to production.
If run with broad cloud permissions, mistakes could modify the wrong function, region, trigger, or environment.
Operating cloud workloads normally requires delegated cloud account permissions. The artifacts do not show credential collection or misuse, but users should ensure any credentials used are appropriately scoped.
Build and operate Volcengine Function Compute workloads.
Use least-privilege Volcengine credentials and specify the intended account, region, and resource identifiers before allowing deployment actions.