Alibabacloud Pai Workspace Manage
Security checks across malware telemetry and agentic risk
Overview
The skill mostly matches its PAI workspace purpose, but some of its reference instructions could expose Alibaba Cloud account identifiers or access keys in logs, shell history, or process listings.
Review the skill before use. Configure Aliyun credentials yourself, outside the agent, using a least-privilege RAM user or a temporary role, and never paste access keys into chat or commands. Before running any workspace get/list verification, check that the command includes the required jq masking pipeline and an explicit region. Inspect the Aliyun CLI install and update steps before letting them modify your local environment.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Workspace creator, owner, or administrator identifiers could be saved in execution logs or shown to the user unmasked.
The verification method shows a raw get-workspace command without the jq masking pipeline that the skill elsewhere requires for get/list operations. Because workspace responses can include creator/owner/admin identifiers and command output may be logged, this can persist raw sensitive account data in logs or context.
aliyun aiworkspace get-workspace --workspace-id $WORKSPACE_ID --user-agent AlibabaCloud-Agent-Skills/alibabacloud-pai-workspace-manage
Update every get-workspace and list-workspaces example, including verification steps, to use a single-command jq masking pipeline and an explicit region; do not run raw API-output commands.
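What the required masking step has to do, as an added example rather than the skill's own jq pipeline: a Python equivalent that takes a get-workspace or list-workspaces JSON response and blanks every creator/owner/admin value before the text can reach a log or the agent's context. The sample responses and their field names (Creator, Owner, AdminNames) are constructed for this example and assumed from the finding's wording; the masking is key-based and recursive so it holds regardless of the exact response schema.

```python
"""Mask account identifiers in aliyun aiworkspace get-workspace / list-workspaces output.

Added example, not the skill's jq pipeline. Field names in the samples are assumed;
matching is done on key names (creator/owner/admin) so unknown fields are still caught.
"""
import json
import re

# Keys whose values identify an account principal, matched case-insensitively as
# substrings so Creator, Owner, AdminNames, OwnerId, creator_id, ... are all covered.
SENSITIVE_KEY_PATTERN = re.compile(r"creator|owner|admin", re.IGNORECASE)
MASK = "***MASKED***"


def _mask_value(value):
    """Mask a single sensitive value; lists keep their length (count stays visible)."""
    if isinstance(value, list):
        return [MASK for _ in value]
    if value is None:
        return None
    return MASK


def mask_identifiers(obj):
    """Return a masked copy of a decoded response; the input is left untouched."""
    if isinstance(obj, dict):
        return {
            key: _mask_value(value) if SENSITIVE_KEY_PATTERN.search(key) else mask_identifiers(value)
            for key, value in obj.items()
        }
    if isinstance(obj, list):
        return [mask_identifiers(item) for item in obj]
    return obj


def mask_response_text(raw_json):
    """Mask a raw CLI response (JSON text) and re-serialise it.

    This is the step that belongs between the aliyun command and anything that logs
    its output; the unmasked text is never returned."""
    return json.dumps(mask_identifiers(json.loads(raw_json)), indent=2, ensure_ascii=False)


def leaks_identifier(text, identifiers):
    """Guard for a log writer: True if any known raw identifier survives in text."""
    return any(ident in text for ident in identifiers)


# Constructed sample responses; all values are placeholders, not real account data.
SAMPLE_GET = {
    "RequestId": "REQ-0001",
    "WorkspaceId": "ws-example",
    "WorkspaceName": "demo-workspace",
    "Creator": "1111111111111111",
    "Owner": "1111111111111111",
    "AdminNames": ["alice@example.com", "bob@example.com"],
    "EnvTypes": ["prod"],
    "Status": "ENABLED",
}
SAMPLE_LIST = {"TotalCount": 1, "Workspaces": [SAMPLE_GET]}
SAMPLE_LIST_JSON = json.dumps(SAMPLE_LIST)

if __name__ == "__main__":
    print(mask_response_text(SAMPLE_LIST_JSON))
```

Lists such as AdminNames are masked element by element rather than dropped, so a reviewer still sees how many administrators a workspace has without learning who they are; the `leaks_identifier` check is the cheap assertion to run on any output before it is written to a log.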
Alibaba Cloud access keys could be exposed if the user or agent follows the reference setup commands with real credentials.
The reference guide recommends command-line access-key setup in agent/script contexts, even though SKILL.md says not to use literal credential values. Passing AK/SK values on command lines can expose them through shell history, process listings, scripts, or agent logs.
All `aliyun configure` commands support non-interactive flags, which is the recommended approach ... agent-driven automation ... aliyun configure set --mode AK --access-key-id <your-access-key-id> --access-key-secret <your-access-key-secret>
Configure credentials outside the agent using secure Aliyun-supported methods, prefer RAM roles or temporary STS credentials, and never paste or pass AK/SK values in chat or command examples.
The agent can create resources in the user's Alibaba Cloud account when asked.
The skill directly invokes cloud CLI operations that create PAI workspaces. This is purpose-aligned and includes validation guidance, but it is still a high-impact account mutation.
aliyun aiworkspace create-workspace --region <RegionId> --workspace-name <WorkspaceName> --description "<Description>" --env-types prod
Confirm region, workspace name, environment type, and resource group before creation, and use a least-privilege RAM user or role.
Installing or updating the CLI or its plugins could change local tooling, and because nothing is pinned it pulls in whatever version is current at install time.
The setup path downloads and executes an external installer and enables/upgrades CLI plugins globally. This is disclosed and related to the Aliyun CLI purpose, but it is unpinned external code and changes the local CLI environment.
run `curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash` ... [MUST] run `aliyun configure set --auto-plugin-install true` ... `aliyun plugin update`
Prefer trusted package-manager installation where possible, review or verify downloaded installers, and understand the impact before enabling automatic plugin installation.
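The four recommendations in this report (masked get/list output with an explicit region, no access keys on the command line, confirmation before create-workspace, and no installer piped into a shell) can be applied as a pre-execution check on the command string an agent is about to run. The following is an added example, not part of the skill or of the Aliyun CLI: the subcommand and flag names are the ones quoted in the findings above, while the verdict scheme and the heuristic that a jq stage counts as masking only when its filter names creator/owner/admin keys are choices made for this example. Python is used so the check runs offline over constructed command strings.

```python
"""Pre-execution guard for aliyun commands an agent proposes to run.

Added example; encodes the report's recommendations as checks over a command string.
Subcommands and flags are those quoted in the findings; the jq-filter heuristic and
the block/confirm/allow verdicts are this example's own design.
"""
import re
import shlex

# Flags from the credential finding that place a secret on the command line.
CREDENTIAL_FLAGS = ("--access-key-id", "--access-key-secret")
# aiworkspace read operations whose output must go through the jq masking pipeline.
MASKED_OPS = {"get-workspace", "list-workspaces"}
# aiworkspace operations that mutate the account and need explicit confirmation.
MUTATING_OPS = {"create-workspace"}
# Heuristic: a jq stage counts as masking only if its filter names the identifier keys.
IDENT_KEY_RE = re.compile(r"creator|owner|admin", re.IGNORECASE)


def _flag_value(tokens, flag):
    """Value after `flag` (or `flag=value`); "" if the flag has no value; None if absent."""
    for i, tok in enumerate(tokens):
        if tok == flag:
            nxt = tokens[i + 1] if i + 1 < len(tokens) else ""
            return "" if nxt.startswith("--") else nxt
        if tok.startswith(flag + "="):
            return tok[len(flag) + 1:]
    return None


def _pipeline_stages(cmd):
    """Split a command into pipeline stages. '|' must be its own word, as in the skill's
    examples; a quoted jq filter keeps its internal '|' because shlex keeps quotes intact."""
    stages = [[]]
    for tok in shlex.split(cmd):
        if tok == "|":
            stages.append([])
        else:
            stages[-1].append(tok)
    return stages


def _verdict(problems):
    if any(p.startswith("block:") for p in problems):
        return "block"
    return "confirm" if problems else "allow"


def check_command(cmd):
    """Return (verdict, problems); verdict is 'block', 'confirm' or 'allow'."""
    stages = _pipeline_stages(cmd)
    first = stages[0]
    problems = []
    if not first:
        return "block", ["block: empty command"]

    # Installer finding: remote script piped straight into a shell, nothing reviewed or pinned.
    if first[0] in ("curl", "wget") and any(s and s[0] in ("bash", "sh") for s in stages[1:]):
        problems.append("block: pipes a downloaded installer into a shell; download to a file and review or verify it first")

    if first[0] == "aliyun" and len(first) > 1 and first[1] == "configure":
        # Credential finding: AK/SK on the command line leak via history, ps and agent logs.
        for flag in CREDENTIAL_FLAGS:
            if _flag_value(first, flag) is not None:
                problems.append(f"block: {flag} on the command line; configure credentials outside the agent")
        if _flag_value(first, "--auto-plugin-install") == "true":
            problems.append("confirm: enables automatic installation of unpinned CLI plugins")

    if first[0] == "aliyun" and len(first) > 2 and first[1] == "aiworkspace":
        op = first[2]
        if op in MASKED_OPS | MUTATING_OPS and not _flag_value(first, "--region"):
            problems.append(f"block: {op} without an explicit --region")
        if op in MASKED_OPS:
            # Masking finding: get/list output must be masked before it reaches logs or context.
            jq_stage = next((s for s in stages[1:] if s and s[0] == "jq"), None)
            if jq_stage is None or not IDENT_KEY_RE.search(" ".join(jq_stage[1:])):
                problems.append(f"block: {op} output is not piped through a jq filter masking creator/owner/admin fields")
        if op in MUTATING_OPS:
            # Creation finding: surface exactly what will be created and require confirmation.
            missing = [f for f in ("--workspace-name", "--env-types") if not _flag_value(first, f)]
            if missing:
                problems.append(f"block: {op} without " + ", ".join(missing))
            else:
                problems.append("confirm: {} region={} workspace-name={} env-types={}".format(
                    op, _flag_value(first, "--region"),
                    _flag_value(first, "--workspace-name"), _flag_value(first, "--env-types")))
    return _verdict(problems), problems


if __name__ == "__main__":
    print(check_command("aliyun aiworkspace get-workspace --workspace-id $WORKSPACE_ID"))
```

A harness would run `check_command` on every proposed shell command, refuse anything that returns `block`, and show the `confirm:` summary to the user before executing a `confirm` verdict; the raw verification command quoted in the first finding is rejected twice, once for the missing region and once for the missing masking stage.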
