Alibabacloud Rds Copilot

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill is an Alibaba Cloud RDS assistant that discloses its use of the Aliyun CLI and cloud credentials. Users should still restrict those credentials and understand that RDS/SQL details are sent to Alibaba Cloud.

Install only if you are comfortable configuring Alibaba Cloud CLI credentials and sending selected RDS troubleshooting or SQL content to Alibaba Cloud. Use a dedicated least-privilege RAM user/profile, avoid secrets in prompts or logs, and review the CLI installer/plugin auto-update settings before enabling them.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may invoke the Aliyun CLI using the configured account and send the user's RDS-related query to Alibaba Cloud.

Why it was flagged

The skill's core behavior is to have the agent run local CLI commands that call an external cloud API. This is purpose-aligned, but users should expect command execution and network calls.

Skill content

Directly call Alibaba Cloud CLI to execute `aliyun rdsai chat-messages` command for real-time RDS Copilot queries

Recommendation

Review commands before use, keep prompts scoped to the intended RDS task, and use a dedicated least-privilege profile.

What this means

Using an overly privileged AccessKey could expose more Alibaba Cloud account authority than the RDS Copilot API needs.

Why it was flagged

The skill depends on Alibaba Cloud account credentials. This is expected for the integration, but AccessKeys are sensitive and could be over-privileged if a broad or root credential is used.

Skill content

Follow the prompts to enter:
- **Access Key Id**: Your AccessKey ID
- **Access Key Secret**: Your AccessKey Secret

Recommendation

Use a dedicated RAM user or role, avoid root AccessKeys, grant only `rdsai:ChatMessages` unless more is deliberately needed, prefer the `rdsai` profile, and rotate keys regularly.

What this means

Installing or updating the CLI/plugins runs third-party code and changes the local CLI environment.

Why it was flagged

The setup instructions include user-directed remote script execution and automatic CLI plugin installation/updating. These are disclosed and related to the CLI dependency, but they carry normal supply-chain risk.

Skill content

run `curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash` ... [MUST] run `aliyun configure set --auto-plugin-install true` ... [MUST] run `aliyun plugin update`

Recommendation

Install from official Alibaba Cloud sources, verify installer provenance where possible, review whether auto-plugin-install is acceptable, and disable it after setup if not needed.

What this means

SQL text, error logs, instance IDs, and operational details may be processed by Alibaba Cloud's RDS AI service.

Why it was flagged

Examples show RDS instance identifiers, logs, SQL context, and troubleshooting details being sent to the Alibaba Cloud RDS AI endpoint. This is central to the skill, but it is sensitive data flow.

Skill content
`aliyun rdsai chat-messages` ... `--query 'RDS instance rm-bp1pjojb0k8vi8p6j suddenly had connection timeout ... logs keep showing ERROR 1040 ...'` ... `--endpoint rdsai.aliyuncs.com`
Recommendation

Do not include passwords, secrets, personal data, or regulated production data unless your organization permits it; redact sensitive logs before sending.

What this means

Follow-up responses may depend on earlier queries and logs associated with the same conversation ID.

Why it was flagged

The skill supports multi-turn conversations where prior submitted context is reused by the RDS Copilot service. This is expected, but stale or sensitive context can influence later answers.

Skill content

`--conversation-id` ... `Second turn (using ConversationId from previous response)`

Recommendation

Use a fresh conversation for unrelated or highly sensitive tasks, and avoid reusing conversation IDs across different incidents or environments.