ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Alibabacloud Oss Manage Metaquery

v0.0.1

Alicloud OSS AI Content Awareness Skill. Use for enabling and querying OSS semantic search with AI-powered content understanding. Triggers: "OSS AI Content A...

0· 33·0 current·0 all-time
byalibabacloud-skills-team@sdk-team
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
Name, description, scripts, and reference docs are coherent: the skill implements OSS MetaQuery (open/close index, semantic queries, upload, create bucket). However the registry metadata declares no required environment variables or config paths even though the SKILL.md and scripts rely on Aliyun credentials and ~/.aliyun/config.json / environment variables. That mismatch is unexpected and should be fixed or explained.
Instruction Scope
The SKILL.md precisely instructs use of aliyun CLI, ossutil and Python scripts and enumerates dangerous operations that require explicit user confirmation. It also instructs pip installing oss2 and alibabacloud-credentials. The instructions do not attempt to exfiltrate data to unknown external endpoints, but they do instruct operations that read/upload/delete bucket data and may process many objects (index build).
Install Mechanism
No formal install spec (instruction-only), which reduces automatic installation risk, but SKILL.md asks users/agents to run pip install for oss2 and alibabacloud-credentials and to install/upgrade aliyun CLI and optionally ossutil from official mirrors. The requested packages and download hosts appear legitimate, but the skill relying on manual pip/CLI installs means code will run locally and dependencies will be installed at runtime.
!
Credentials
The skill requires access to Alibaba Cloud credentials (AK/SK, STS, or ECS RAM role) to operate but the metadata lists no required env vars or config paths. RAM permission examples in docs include write/delete and OpenMetaQuery/DoMetaQuery permissions; these privileges are proportionate to the skill's functionality but are powerful (can delete buckets and enable indexing). The absence of declared required creds in metadata is an inconsistency and increases risk if users supply broad credentials without noticing.
Persistence & Privilege
always:false and no special platform-level privileges requested. The skill does perform potentially destructive cloud operations (delete bucket/object, open/close MetaQuery) but requires explicit confirmation per SKILL.md. There is no evidence it modifies other skills or requests permanent presence.
What to consider before installing
This skill appears to implement Alibaba Cloud OSS MetaQuery workflows (create/upload/open/close/index/search) and includes working scripts and thorough docs, but it does not declare the environment variables/config paths it needs. Before installing or running it: (1) Treat it as requiring Alibaba Cloud credentials (ALIBABA_CLOUD_ACCESS_KEY_ID / ALIBABA_CLOUD_ACCESS_KEY_SECRET, STS tokens, or an ECS RAM role) even though the registry metadata doesn't list them. (2) Do not use long‑lived root credentials — create a RAM user or preferably use STS temporary credentials or an ECS instance role scoped to the bucket and only the permissions listed in ram-policies.md. (3) Review credentials.py and scripts locally to confirm they only use the standard Alibaba SDK flows and do not send data to unknown endpoints. (4) Run destructive operations (delete bucket/object, open/close metaquery) only after explicit user confirmation and preferably first in a test account. (5) Be prepared to install Python packages (oss2, alibabacloud-credentials) and aliyun CLI; verify download sources. (6) Request the publisher to update the registry metadata to declare required env vars and config paths (and to provide a homepage/source repository) before trusting this skill in production.

Like a lobster shell, security has layers — review code before you run it.

latestvk978q3h5vjw5trrewnp5t59bs983zkyd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments