Alibabacloud Emr Starrocks Manage

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Alibaba Cloud StarRocks management guide, but it can use your configured Alibaba Cloud profile to create or change billable cloud resources.

Before installing or using this skill, confirm that you trust the source, use a least-privilege Alibaba Cloud RAM/STS profile, and require explicit approval for any command that creates resources, changes capacity, restarts instances, modifies billing, or exposes gateways publicly.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Medium
What this means

If the agent runs these commands with your cloud profile, it may change running infrastructure, affect service availability, expose endpoints, or incur costs.

Why it was flagged

The skill documents cloud-management CLI/API operations that can create, scale, restart, change billing-related settings, modify configuration, or change gateway exposure. These are aligned with the stated lifecycle-management purpose, but they are high-impact operations.

Skill content

Instance Management: CreateInstanceV1, ... RestartInstance ... ModifyChargeType ... Scaling Management: ModifyCu ... Configuration Management: ModifyInstanceConfig ... Gateway Management ... TogglePublicSlb

Recommendation

Require explicit confirmation before any create, scale, restart, billing, SSL, restore, or public gateway operation, and review the exact region, instance ID, and parameters first.

ASI03: Identity and Privilege Abuse
Medium
What this means

Commands will run with the permissions of the active Alibaba Cloud profile, so an overly privileged profile could allow broader changes than intended.

Why it was flagged

The skill expects use of an existing Alibaba Cloud CLI credential profile. This is expected for Alibaba Cloud management, but those credentials can authorize account-level cloud changes.

Skill content

Requires Alibaba Cloud CLI (aliyun >= 3.0) with AccessKey or STS Token configured. Verify credentials via `aliyun configure list`.

Recommendation

Use a least-privilege RAM user or STS role, verify the active `aliyun` profile before use, and avoid using a broad administrator profile for routine operations.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

A user may not realize from the registry metadata alone that the skill depends on a local Alibaba Cloud CLI installation and credential setup.

Why it was flagged

The skill depends on the external `aliyun` CLI and configured credentials, while the registry metadata reports no required binaries or primary credential. This appears to be an under-declared dependency rather than hidden code.

Skill content

Requires Alibaba Cloud CLI (aliyun >= 3.0) with AccessKey or STS Token configured.

Recommendation

Install the Alibaba Cloud CLI only from official sources, verify its version and configured profile, and treat the metadata dependency gap as something to review before use.