Alibabacloud Sas Openclaw Security

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent for Alibaba Cloud/OpenClaw security operations, but it is powerful because it uses cloud credentials and can run commands or install security components on ECS instances.

Install this only if you need Alibaba Cloud/OpenClaw security automation. Use a dedicated least-privileged RAM identity, restrict ECS RunCommand to intended instances, verify CLI/plugin installation sources, explicitly approve every remote shell or guardrail install command, and keep generated security reports private.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI03: Identity and Privilege Abuse
Medium
What this means

The skill can act with the Alibaba Cloud permissions granted to the configured CLI profile.

Why it was flagged

The skill relies on the user's Alibaba Cloud CLI credential profile, which carries cloud-account authority.

Skill content
If not yet configured, run `aliyun configure` and follow the prompts. Credentials are stored in `~/.aliyun/config.json`.
Recommendation

Use a dedicated RAM user or role, avoid primary-account keys, grant only the listed minimum actions, and restrict ECS RunCommand permissions to the intended instances.

ASI02: Tool Misuse and Exploitation
Medium
What this means

A mistaken or unauthorized command could change, stop, or expose data on remote ECS machines.

Why it was flagged

The ECS client can send arbitrary shell command content to specified ECS instances through Cloud Assistant.

Skill content
command_content: command content (plaintext, automatically Base64-encoded) ... "--type", command_type, "--command-content", command_b64 ... "--instance-id"
Recommendation

Treat this as remote administrator access: preview the full command and target instances, require explicit user approval, avoid unnecessary bulk execution, and keep audit logs.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

The local CLI/plugin environment may change and execute provider-supplied code outside the skill package.

Why it was flagged

The setup flow depends on a remote installer and automatically updated aliyun CLI plugins.

Skill content
run `curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash` ... run `aliyun configure set --auto-plugin-install true` ... run `aliyun plugin update`
Recommendation

Install the aliyun CLI from official documentation, verify the download source, and consider controlled versioning or administrative approval for plugin updates in production.

ASI05: Unexpected Code Execution
Medium
What this means

Installing the guardrail may execute provider-generated shell code on selected ECS instances.

Why it was flagged

The AISC API returns a shell installation command used for the security guardrail workflow.

Skill content
The response field is InstallKey,\n        but its actual meaning is a complete shell install command
Recommendation

Review the generated install command where possible, run it only on intended hosts, and confirm rollback or uninstall steps before broad deployment.

ASI10: Rogue Agents
Low
What this means

Target ECS/OpenClaw environments will have an ongoing security component installed, which may affect future operations.

Why it was flagged

The guardrail is intended to keep running after installation, creating persistent behavior on target machines.

Skill content
Install the Alibaba Cloud security guardrail plugin to add continuous protection capabilities to OpenClaw instances.
Recommendation

Install it only when continuous protection is desired, track where it is deployed, and document how to disable or remove it.

ASI06: Memory and Context Poisoning
Low
What this means

Generated reports may reveal hostnames, IPs, vulnerabilities, alerts, and other sensitive security posture data.

Why it was flagged

The report generator stores raw instance, vulnerability, baseline, and alert data in local output files.

Skill content
"instances": instances,\n        "vulns": vulns,\n        "baseline": baseline,\n        "alerts": alerts
Recommendation

Store output reports in a protected directory, redact them before sharing, and delete old reports when no longer needed.