Alibabacloud Dts Task Manager
v0.0.1Create, view, and manage Alibaba Cloud DTS data migration/synchronization tasks interactively. Automatically triggered when the user mentions keywords such a...
⭐ 0· 25·0 current·0 all-time
byalibabacloud-skills-team@sdk-team
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description match the actions in SKILL.md and reference files: it uses the aliyun CLI and DTS APIs to create, list, start/suspend, and delete DTS tasks. Required permissions described in references/ram-policies.md align with the operations the skill performs (CreateDtsInstance, ConfigureDtsJob, StartDtsJob, SuspendDtsJob, DeleteDtsJob, DescribeDtsJobs, DescribeDtsJobDetail). The skill does not request unrelated cloud providers, OS-level credentials, or extraneous tools.
Instruction Scope
The instructions are specific and confined to DTS workflows and related managed-instance listing APIs. They require reading user-supplied certificate files (PEM) and database credentials when configuring self-managed endpoints; these file reads are justified for establishing SSL/mTLS connections. The SKILL.md warns not to display secrets. Users should be aware that the agent will run CLI commands locally and may read certificate/private-key files the user points it to — this is expected for the skill but is sensitive.
Install Mechanism
Instruction-only skill with no install spec and no code files. The only external reference is guidance to obtain aliyun-cli (link to GitHub releases) if the CLI is missing; nothing in the skill automatically downloads or executes remote archives. Risk from installation is low because nothing is installed by the skill itself.
Credentials
The skill requests no environment variables, no credentials, and no config paths in metadata. The instructions do require the user to have configured Alibaba Cloud credentials (via aliyun configure) and to grant DTS-related RAM permissions for the account/role used — which is appropriate and proportional given the operations. The skill documents least-privilege RAM permissions. The only sensitive local access requested is optional certificate and DB credential input, which is necessary for self-managed endpoints.
Persistence & Privilege
always is false and the skill is user-invocable. There is no install-time persistence or modification of other skills or system-wide agent settings. The skill's recommended rollback behaviors (auto-release on failure) and double-confirmation on delete are operational details, not elevation of privilege.
Assessment
This skill appears to do what it says: manage Alibaba Cloud DTS via the aliyun CLI. Before installing/using it, ensure you: (1) run it with an agent profile that you trust to execute CLI commands locally; the agent will run aliyun commands and may read any certificate/private-key files you point it to — treat those files as sensitive; (2) grant only the RAM permissions needed (use least-privilege policies the references recommend or a narrowly scoped role), because the skill can create and delete DTS instances and tasks; (3) confirm that the aliyun CLI and your credentials are configured in the environment the agent will run in; and (4) require confirmations for destructive actions (the SKILL.md already prescribes double-confirmation for deletes, but verify the deployed skill enforces prompts). If you want lower blast radius, run management actions from a separate account/role with limited scope or test inside an isolated environment first.Like a lobster shell, security has layers — review code before you run it.
latestvk97d8grtkwq5jxw71017s5hfrn845qrz
License
MIT-0
Free to use, modify, and redistribute. No attribution required.