Alibabacloud Pds Multimodal Search

Implements exact filename search, fuzzy filename search, semantic file search, and image-based image search Triggers: "PDS drive file search", "PDS image sea...

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 0 · 2 · 0 current installs · 0 all-time installs

byalibabacloud-skills-team@sdk-team

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

!

Purpose & Capability

The skill legitimately needs Alibaba Cloud (aliyun) CLI and PDS credentials to perform searches, uploads, downloads and analysis, but the registry metadata declares no required binaries and no required environment variables/credentials. That mismatch is unexpected and reduces transparency about what privileges the skill needs.

ℹ

Instruction Scope

SKILL.md and reference docs instruct the agent to run aliyun pds CLI commands and multiple local Python scripts which may upload local files, download signed URLs, and poll processing results. This is consistent with a PDS search/analysis tool, but it means the skill can read local files (for upload) and write/download files (analysis results). The search workflow also instructs the agent to spawn sub-agents to generate prompts and JSON — this grants the skill broad runtime discretion in how it transforms user queries.

✓

Install Mechanism

There is no install spec in the registry (instruction-only), which is low risk. The SKILL.md recommends installing Aliyun CLI via official aliyuncdn/alicdn.com URLs and pip packages (requests, python-pptx), which are standard. No arbitrary third-party download hosts or obfuscated installers were observed in the provided files.

!

Credentials

The runtime instructions require Alibaba Cloud credentials (AK/SK, STS token, or OAuth) and expect the aliyun CLI to be configured, but the skill metadata does not declare any required env vars or primary credential. The documented operations (list-domains, list-user, search-file, get-download-url, upload-file, process) require privileges that can access and exfiltrate user data if misused; these permissions are reasonable for the stated feature but should have been declared explicitly.

✓

Persistence & Privilege

The skill does not request permanent 'always:true' inclusion, does not modify other skills, and contains no install-time hooks in the registry. It runs as an instruction-only skill invoking local CLI and scripts; autonomy is allowed by default but not exceptional in this package.

What to consider before installing

This skill appears to implement Alibaba Cloud PDS search and analysis features and includes helpful scripts and docs — but the package metadata omits key requirements. Before installing/use: - Do NOT paste your AK/SK into chat. Configure Alibaba Cloud credentials yourself (aliyun configure or environment variables) outside the agent session as the skill recommends. - Expect the skill to require the aliyun CLI (>=3.3.1) with the PDS plugin and to run local Python scripts; install these from official sources only (aliyuncli.alicdn.com and PyPI). - Audit the included scripts (especially pds_poll_processor.py, doc/video formatters, upload/download steps) to confirm they do only what you expect; they will download signed URLs and may upload local files to your cloud account. - Limit the RAM/API permissions for any account you use for testing (least privilege) and prefer a test account with no sensitive data. - Because the registry metadata does not declare required credentials/binaries, treat this as a transparency issue; if you need to proceed, ask the author/maintainer to update the skill manifest to declare required binaries and credential env vars explicitly.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.0.1

Download zip

latestvk975mx56esyyfpwy8nz5vxcaz583znq8

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

PDS Multimodal Search

Please read this entire skill document carefully

Features

For getting drive/drive_id, querying enterprise space, team space, personal space -> read references/drive.md
For uploading local files to enterprise space, team space, personal space → read references/upload-file.md
For downloading files from enterprise space, team space, personal space to local → read references/download-file.md
For searching or finding files → read references/search-file.md
For document/audio/video analysis, quick view, summarization on cloud drive → read references/multianalysis-file.md
For image search, similar image search, image-text hybrid retrieval → read references/visual-similar-search.md

Agent Execution Guidelines

Must execute steps in order: Do not skip any step, do not proceed to the next step before the previous one is completed.
Must follow documentation: The aliyun pds cli commands and parameters must follow this document's guidance, do not fabricate commands.
Recommended parameter: All aliyun pds commands should include --user-agent AlibabaCloud-Agent-Skills parameter to help server identify request source, track usage, and troubleshoot issues.

Core Concepts:

Domain: PDS instance with a unique domain_id, data is completely isolated between domains
User: End user under a domain, has user_id
Group: Team organization under a domain, divided into enterprise group and team group
Drive: Storage space, can belong to a user (personal space) or team (team/enterprise space)
File: File or folder under a space, has file_id
Mountapp: PDS mount app plugin, used to mount PDS space to local, allowing users to access and manage files in PDS space conveniently

Installation Requirements

Prerequisites: Requires Aliyun CLI >= 3.3.1

Verify CLI version:
aliyun version  # requires >= 3.3.1
Verify PDS plugin version:
aliyun pds version  # requires >= 0.1.4
If version requirements are not met, refer to references/cli-installation-guide.md for installation or upgrade.

After installation, must enable auto plugin installation:
aliyun configure set --auto-plugin-install true

Authentication Configuration

Prerequisites: Alibaba Cloud credentials must be configured

Security Rules:

Forbidden to read, output, or print AK/SK values (e.g., echo $ALIBABA_CLOUD_ACCESS_KEY_ID is forbidden)

Forbidden to ask users to input AK/SK directly in conversation or command line

Forbidden to use aliyun configure set to set plaintext credentials

Only allowed to use aliyun configure list to check credential status

Check credential configuration:
aliyun configure list
Confirm the output shows a valid profile (AK, STS, or OAuth identity).

If no valid configuration exists, stop first.

Obtain credentials from Alibaba Cloud Console

Configure credentials outside this session (run aliyun configure in terminal or set environment variables)

Run aliyun configure list to verify after configuration is complete

# Install Aliyun CLI (if not installed)
curl -fsSL --max-time 10 https://aliyuncli.alicdn.com/install.sh | bash
aliyun version  # confirm >= 3.3.1

# Enable auto plugin installation
aliyun configure set --auto-plugin-install true

# Install Python dependencies (for multipart upload script)
pip3 install requests

PDS-Specific Configuration

Before executing any PDS operations, you must first configure domain_id, user_id, and authentication type -> read references/config.md

Recommended parameter: All aliyun pds commands should include --user-agent AlibabaCloud-Agent-Skills parameter

Examples:
aliyun pds get-user --user-agent AlibabaCloud-Agent-Skills
aliyun pds list-my-drives --user-agent AlibabaCloud-Agent-Skills
aliyun pds upload-file --drive-id <id> --local-path <path> --user-agent AlibabaCloud-Agent-Skills

References

Reference Document	Path
CLI Installation Guide	references/cli-installation-guide.md
RAM Permission Policies	references/ram-policies.md

Error Handling

If file search fails, please read references/search-file.md and strictly follow the documented process to re-execute file search.

Files

20 total

Select a file

Select a file to preview.

Comments

Loading comments…