Alibabacloud Oss Media Process
Review
Audited by ClawScan on May 11, 2026.
Overview
The skill matches its OSS media-processing purpose, but it asks for broad cloud permissions and includes instructions that could change IMM resources or expose signed URLs without enough user control.
Review before installing. Use a restricted RAM user for only the intended OSS bucket and needed IMM actions, require confirmation before any IMM auto-setup/admin command, and avoid printing full signed URLs into chat or logs.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed with these permissions, the agent could affect OSS objects and IMM resources in the configured Alibaba Cloud account.
The recommended permissions allow reading, writing, deleting, and signing OSS objects, and administering IMM projects. These abilities are partly purpose-aligned, but they are high-impact and broader than simple media transformation.
`oss:GetObject` ... `oss:PutObject` ... `oss:DeleteObject` ... `oss:SignUrl` ... `imm:CreateProject` ... `imm:DeleteProject` ... `imm:AttachOSSBucket` ... `Resource`: `*`
Use a least-privilege RAM policy limited to the specific bucket and only the IMM actions actually needed; avoid granting delete or administration permissions unless explicitly required.

The agent may create or bind Alibaba Cloud IMM resources while trying to complete a media task, which can change account configuration or have other service implications.
The instructions encourage automatic IMM project setup and bucket binding, both of which are cloud account mutations, without an explicit user-confirmation step in the quoted guidance.
`Always run imm_admin.py auto-setup first to get project name` ... `Run python scripts/imm_admin.py auto-setup to auto-create and bind, then include --imm-project <project_name> in the retry`
Require explicit user approval before running IMM admin or auto-setup commands, and clearly show the project, bucket, and region that will be changed.

Anyone who can see the transcript or logs may be able to access the media through the signed URL until it expires.
A signed URL is a bearer credential: whoever holds it can access the object. Telling the agent to show it in a result table can expose it in chat transcripts or logs, despite other guidance in SKILL.md warning that signed URLs are sensitive.
`hls/m3u8` must use `--output-mode url`. Show the signed URL in the result table for direct playback in browser/player
Redact signed URLs in normal chat output, provide only OSS paths unless the user explicitly requests a URL, and deliver full URLs only through a secure private channel.

Installing or updating the required tools can execute third-party setup code on the local machine.
The setup uses external installers, CLI plugins, and Python packages. This is disclosed and aligned with Alibaba Cloud integration, but it means installation depends on external code sources.
`curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash` ... `aliyun configure set --auto-plugin-install true && aliyun plugin update` ... `pip install -r scripts/requirements.txt`
Review the installer source and dependency versions, prefer pinned packages, and run setup in a controlled environment.
