ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Alibabacloud Emr Starrocks Manage

v0.0.1

Manage the full lifecycle of Alibaba Cloud EMR Serverless StarRocks instances — create, scale, configure, maintain and diagnose. Use this Skill when operatio...

0· 29·0 current·0 all-time
byalibabacloud-skills-team@sdk-team
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md clearly describes lifecycle management of Alibaba Cloud EMR Serverless StarRocks and lists the exact API actions needed; that purpose matches the documented required permissions. However, the registry metadata claims no required binaries or credentials, while the SKILL.md explicitly requires the Alibaba Cloud CLI (aliyun >= 3.0) and an AccessKey or STS token configured. This metadata omission is an inconsistency that reduces transparency.
Instruction Scope
The runtime instructions are explicit: they tell the agent to call Alibaba Cloud StarRocks APIs via the aliyun CLI, walk through create/describe/modify operations, and require network resources (VPC, VSwitch, SecurityGroup) and an AdminPassword during creation. There are no instructions to read arbitrary host files, transmit unrelated data to third-party endpoints, or perform actions outside the stated StarRocks/Alibaba Cloud domain.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing will be written to disk by the skill itself. That reduces supply-chain risk. The runtime does, however, depend on an external binary (aliyun CLI) that must already exist in the environment (documented only in SKILL.md, not in registry metadata).
!
Credentials
The skill needs access to Alibaba Cloud credentials (AccessKey or STS token) via the configured aliyun CLI profile to call APIs that can create and modify resources. Yet the registry metadata declares no required env vars or primary credential. That omission is disproportionate to the metadata and can mislead users into enabling the skill without realizing it will use cloud credentials. Also, the skill's operations include potentially billable and destructive actions (CreateInstance, ModifyCu, Restart), so credentials should be scoped with least privilege and usage audited.
Persistence & Privilege
The skill is not always-included and doesn't request any special platform privileges. It's instruction-only and does not indicate modifying other skills or system-wide settings. Autonomous invocation is allowed (platform default), which increases blast radius if misused, but this alone is expected for skills and not an immediate red flag.
What to consider before installing
This skill appears to be a legitimate operator guide for Alibaba Cloud StarRocks, but the package metadata omits key runtime requirements. Before installing or enabling: - Verify the execution environment has the aliyun CLI (aliyun >= 3.0) and that the agent will use a specific named CLI profile you control. The SKILL.md relies on the local CLI profile (aliyun configure). - Provide only minimally scoped credentials: use a RAM role or AccessKey with least privilege. For read-only operations, use the read-only policy example in references/ram-policies.md; create operations require broader permissions and should be limited to separate credentials. Prefer short-lived STS tokens where possible. - Be aware the skill issues Alibaba CLI commands that can create resources (billable) and restart/modify instances (disruptive). Test in a sandbox account or non-production project first. - Ask the publisher (contact email in SKILL.md) for clarification and request that the registry metadata be corrected to declare the required binary and credential entry so the skill's requirements are explicit. If you cannot confirm where the skill came from or cannot confine credentials to a restricted role, treat the skill as higher risk and avoid enabling it on agents that have access to production cloud credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk97atbc6sjxs46vh4bxm8yagnh840msw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments