Alibabacloud Ecs Diagnose

Security checks across malware telemetry and agentic risk

Overview

This appears to be a disclosed Alibaba Cloud ECS diagnostics skill, but it can require powerful cloud permissions and should be used only with least-privilege credentials.

Install only if you are comfortable letting the agent use Aliyun CLI with your Alibaba Cloud profile. Start with read-only permissions, do not paste access keys into the chat, and require explicit confirmation before any Cloud Assistant command, security-group change, password reset, reboot, or EIP operation.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI03: Identity and Privilege Abuse
Medium
What this means

If granted full diagnostic permissions, the agent can access cloud instance metadata and run diagnostic commands on the selected ECS instance.

Why it was flagged

The skill discloses that it uses an existing Alibaba Cloud identity and may require permission to run Cloud Assistant commands on ECS instances.

Skill content
Pre-check: Alibaba Cloud Credentials Required ... Required Permissions ... `ecs:RunCommand` (for Deep Diagnostics) ... `ecs:DescribeInvocationResults`
Recommendation

Use a RAM user or role with the minimum policy needed; prefer the read-only Basic Diagnostics policy unless Deep Diagnostics is truly required.

ASI02: Tool Misuse and Exploitation
Medium
What this means

If the user approves remediation, the agent could make cloud changes that affect availability, access control, or billing.

Why it was flagged

The reference design includes remediation operations that can change security groups, reboot instances, reset passwords, or bind/unbind EIPs, while also stating they require user confirmation.

Skill content
Operations requiring user confirmation: modify security group rules ... reboot instance ... reset password ... bind/unbind EIP
Recommendation

Treat remediation commands separately from diagnostics; confirm the exact command, target instance, region, and expected impact before running them.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Installing or updating the CLI/plugins changes the local environment and downloads executable components from the network.

Why it was flagged

The setup path relies on provider-hosted installation scripts and automatic CLI plugin updates rather than a pinned local package.

Skill content
run `curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash` ... `aliyun configure set --auto-plugin-install true` ... `aliyun plugin update`
Recommendation

Install Aliyun CLI from trusted official channels, review installation steps, and avoid enabling automatic plugin installation if your environment requires pinned tooling.

ASI10: Rogue Agents
Low
What this means

If a run is interrupted before cleanup, AI-mode could remain enabled in the local Aliyun CLI configuration.

Why it was flagged

The skill toggles a persistent Aliyun CLI mode and explicitly requires cleanup at every exit path.

Skill content
Enable AI-Mode ... `aliyun configure ai-mode enable` ... Disable AI-Mode at EVERY exit point ... `aliyun configure ai-mode disable`
Recommendation

After using the skill, verify AI-mode is disabled with the Aliyun CLI, especially after errors or cancellations.