Aliyun Skills
v1.0.0Manage Alibaba Cloud resources using the Aliyun CLI tool. Use this skill whenever the user wants to manage any Alibaba Cloud resource via the aliyun CLI, inc...
⭐ 0· 134·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description align with required binaries and instructions: the skill is an instruction-only helper for the Aliyun CLI and references service-specific command patterns and examples. Required binary (aliyun) and the brew install of aliyun-cli are proportional to the stated purpose.
Instruction Scope
SKILL.md instructs the agent to construct and run aliyun commands, perform describe/list calls to discover resource IDs, and only run mutating/destructive commands after explicit confirmation — this is expected. The instructions reference configuration (e.g., ~/.aliyun/config.json and `aliyun configure`) and possible environment variables for STS tokens; they do not instruct the agent to read arbitrary unrelated system files. Note: because the skill performs cloud management actions, it inherently can cause destructive or cost-incurring changes if commands are executed with credentials that permit such actions.
Install Mechanism
Install spec uses Homebrew formula 'aliyun-cli' (creates 'aliyun' binary), which is a standard, low-risk packaging method. The reference docs also show optional manual curl download for Linux from GitHub releases (an expected, traceable source) — nothing appears to pull from unknown/personal servers or use obfuscated installers.
Credentials
The skill declares no required environment variables or primary credential. The reference docs describe normal authentication methods (AccessKey, ECS RAM role, STS tokens) and recommend using least-privilege RAM roles; asking for those credentials when performing actions would be expected and proportional. There are no unrelated credential requests.
Persistence & Privilege
always:false and normal user-invocable/autonomous invocation settings are used. The skill does not request permanent platform presence or modification of other skills. It may read/use the user's existing aliyun CLI configuration when invoked, which is expected for a CLI helper.
Assessment
This skill is an instruction-only helper for the Aliyun CLI and is internally coherent, but be aware of practical risks: 1) It will build and suggest commands that can create, modify, or delete cloud resources — always verify destructive commands before running and confirm costs. 2) The skill does not require credentials itself, but to act it will rely on whatever Alibaba credentials are present on the host (configured via `aliyun configure` or environment variables); prefer least-privilege RAM users/roles rather than root account keys. 3) Installing the CLI via Homebrew is low risk; the README also shows optional curl-based installs from GitHub releases (verify URLs if you follow those instructions). 4) Do not paste long-lived AccessKey/secret pairs into chat; instead configure them securely on the machine or use temporary STS tokens. If you want extra safety, keep the CLI uninstalled or use read-only credentials until you need mutating actions.Like a lobster shell, security has layers — review code before you run it.
latestvk97acnc2a2g5nqaqt6rp7q1z1d83gxma
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
☁️ Clawdis
Binsaliyun
Install
Install Aliyun CLI (brew)
Bins: aliyun
brew install aliyun-cli