Alibabacloud Network Eip Associate

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is a coherent Alibaba Cloud EIP automation guide, but it can change cloud networking, incur EIP costs, and uses local Alibaba Cloud credentials.

Install only if you intend to let the agent manage Alibaba Cloud EIPs. Use a dedicated least-privilege Aliyun CLI profile, verify every region and resource ID, understand any EIP billing impact, and avoid running the broader create/delete commands in the reference files unless you explicitly want a test environment.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent can allocate public IP resources, bind them to cloud services, unbind them, or release them, which can affect availability, public exposure, and billing.

Why it was flagged

The skill instructs the agent to perform real cloud networking mutations, including EIP allocation, binding, and cleanup.

Skill content

Focus: EIP product capabilities only - allocation, binding, verification, and cleanup.

Recommendation

Use the skill only with explicit region and resource IDs, review each command before execution, and confirm any billing-related EIP allocation parameters.

What this means

Credentials used by the Aliyun CLI may be able to modify cloud networking and billing resources.

Why it was flagged

The documented RAM permissions allow creating, attaching, detaching, and releasing EIPs in the user's Alibaba Cloud account.

Skill content

`vpc:AllocateEipAddress`, `vpc:AssociateEipAddress`, `vpc:UnassociateEipAddress`, `vpc:ReleaseEipAddress`

Recommendation

Use a dedicated least-privilege RAM user or temporary STS credentials scoped to the intended region and resources where possible.

What this means

Running a remote installer executes code from the CLI provider on the user's machine.

Why it was flagged

The setup guidance includes a remote shell installer for Aliyun CLI; it is user-directed and relevant, but not pinned or checksummed in the artifact.

Skill content

run `curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash` to update

Recommendation

Prefer package-manager installation where possible, verify the download source, and avoid running remote scripts in privileged shells unless trusted.

What this means

Future Aliyun CLI operations may run against a different region than the user expects if the setting is not restored.

Why it was flagged

Changing the Aliyun CLI profile region can persist beyond the current task and affect later commands run by the user or agent.

Skill content

Before running any VPC command, you MUST set the CLI profile region to match the target region: `aliyun configure set --region {REGION}`

Recommendation

Record the previous CLI profile region before using the skill, or use an isolated profile for this task.

What this means

If treated as workflow instructions instead of test/reference material, these commands could create or delete unrelated cloud resources.

Why it was flagged

A reference/testing document lists broader create/delete cloud-resource commands that go beyond the main SKILL.md principle of operating only on existing resources.

Skill content

`create-default-vpc`, `create-vswitch`, `create-nat-gateway`, `run-instances`, `delete-instance`, `delete-vpc`

Recommendation

Follow the main SKILL.md constraints: only use user-provided existing resources unless the user explicitly asks for a separate test environment.