Skill v0.0.2
ClawScan security
Alibabacloud Cli Guidance · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 27, 2026, 5:56 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files and runtime instructions align with its stated purpose (guiding use of the Aliyun CLI); it asks users to configure credentials and optionally run the official installer, which is expected for this functionality.
- Guidance: This skill appears coherent and appropriate for teaching or automating the Alibaba Cloud CLI. Before running anything it suggests:
  1. Inspect the install script instead of blindly piping curl to bash (or prefer your OS package manager/homebrew and verify checksums).
  2. Use least-privilege RAM credentials or OAuth where possible and avoid using root account keys.
  3. Be careful with --log-level debug and --body-file/--header flags because they can expose or transmit sensitive data; make sure you aren’t unintentionally sending local files or secrets.
  4. If you use AI-mode (user-agent token), remember to disable it and unset exported env vars when done to avoid persistent attribution or accidental leakage.
  If you want extra assurance, ask the skill author for a checksum or signed release URL for installers or prefer installing from your distro/package manager.
- Findings:
  - [no-code-files-or-regex-hits] expected: The static regex scanner found no code files to analyze. This is expected because the skill is instruction-only (SKILL.md and reference docs).
Review Dimensions
- Purpose & Capability (ok): Name/description (Aliyun CLI guidance) match the included documents: installation, configuration, plugin management, command syntax, RAM policies and examples. The skill does not request unrelated credentials or tools in metadata.
- Instruction Scope (note): SKILL.md instructs the agent/user to install, configure, and run the official aliyun CLI and to set environment variables or profiles (ALIBABA_CLOUD_ACCESS_KEY_*, ALIBABA_CLOUD_PROFILE, ALIBABA_CLOUD_USER_AGENT). It also recommends using --log-level debug, which reveals full request/response payloads, and documents flags like --header and --body-file that can send local content to the network. These behaviors are within the scope of a CLI guidance skill but carry expected sensitivity (credentials, potential leakage via debug or body-file).
- Install Mechanism (note): There is no declared install spec in the registry (instruction-only), but the documentation instructs users to run remote installer commands (curl|bash from https://aliyuncli.alicdn.com/setup.sh, wget | tar from aliyuncli.alicdn.com). The URLs point to Alibaba's CDN (expected for this product). Executing remote install scripts is typical but inherently higher-risk; users should verify the source and consider package manager alternatives or checksum verification where possible.
- Credentials (ok): The skill metadata requires no env vars or credentials. The docs correctly explain how the CLI consumes standard Alibaba Cloud environment variables and profiles (ALIBABA_CLOUD_ACCESS_KEY_ID, ALIBABA_CLOUD_ACCESS_KEY_SECRET, ALIBABA_CLOUD_SECURITY_TOKEN, ALIBABA_CLOUD_PROFILE, ALIBABA_CLOUD_USER_AGENT). Asking users to provide their own cloud credentials is expected and proportionate for a CLI guidance skill.
- Persistence & Privilege (note): The instructions include enabling CLI AI-mode (aliyun configure ai-mode set-user-agent ...), which writes to local CLI configuration and must be disabled on exit. This is appropriate for agent attribution but does persist until disabled; if used, the agent or user must ensure cleanup (the skill explicitly instructs disabling AI-mode and unsetting exported env vars). The skill is not marked always:true and does not modify other skills or system-wide agent settings.
