Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Alibabacloud Resourcecenter Search
v0.0.1
Alibaba Cloud Resource Center - Global Resource Inventory, Search & Statistics Skill. Provides cross-region, cross-product, and cross-account resource invent...
by alibabacloud-skills-team@sdk-team
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The skill's purpose is to run Alibaba Cloud Resource Center CLI operations, but the registry metadata lists no required binaries, no primary credential, and no required env vars or config paths. In reality, SKILL.md requires the 'aliyun' CLI (>=3.3.1) and an Alibaba Cloud credential/profile (stored in ~/.aliyun/config.json or supplied via environment variables). The metadata omission is an incoherence: a resource-center skill legitimately needs the CLI and credentials.
Instruction Scope
SKILL.md instructions stay on-topic: they guide the agent to use aliyun resourcecenter commands, require explicit user confirmation for parameters, and forbid printing or soliciting AK/SK in conversation. The skill includes a small helper script that calls the aliyun CLI. There are no instructions that read unrelated system secrets or exfiltrate data to external endpoints. The only scope concern is the strong requirement to run `aliyun configure set --auto-plugin-install true` and to have users configure credentials outside the session — both reasonable but should be made explicit in metadata.
Install Mechanism
No install spec is provided (instruction-only), so nothing is written to disk by the platform. The included README references official Alibaba Cloud download URLs (aliyuncli.alicdn.com) for manual installation, which are expected for this purpose. No high-risk download/install steps are embedded in the skill package itself.
Credentials
The skill requires Alibaba Cloud credentials and potentially high-scope RAM permissions for cross-account searches (per its RAM policy docs). However, the declared required env vars and primary credential are empty in the registry metadata. This mismatch could mislead users into installing the skill without realizing it needs sensitive credentials or management-account privileges. The skill's documentation correctly warns not to echo AK/SK and to configure credentials outside the conversation, but the package should have explicitly declared the credential requirements.
Persistence & Privilege
The skill does not request 'always: true' and has no install-time persistence. It does instruct the user to run `aliyun configure set --auto-plugin-install true`, which modifies the user's CLI configuration (auto-plugin install). That side-effect is reasonable for functionality but should be highlighted — it changes local CLI behavior and may add plugins later.
What to consider before installing
This skill is coherent with its stated purpose (running Alibaba Cloud Resource Center CLI calls), but the package metadata omits key requirements. Before installing or using it:
1) Ensure you have the aliyun CLI >= 3.3.1 installed and understand that the skill will call it (the included Python script invokes the CLI).
2) Understand that you must supply Alibaba Cloud credentials (AK/SK, STS token, RAM role, or ECS role) via your local CLI config or environment variables; do not paste secrets into the chat.
3) Only use a least-privilege RAM user or read-only policy unless you intentionally need service enable/disable permissions — cross-account searches require management-account privileges.
4) Be aware the skill asks you to enable automatic plugin installation in your CLI config, which changes local behavior.
5) If you need higher assurance, ask the publisher to update the registry metadata to declare required binaries and credentials, or run the commands in an isolated environment (temporary account or sandbox) first.
latest: vk9798t1fr7eceq4tmbh52t3q6584dt0s
