腾讯云COS存储
PassAudited by ClawScan on May 10, 2026.
Overview
This appears to be a legitimate Tencent Cloud COS integration, but it needs powerful cloud credentials and can upload, delete, share, and index cloud files, so use least-privilege credentials.
Install only if you intend to let the agent operate your Tencent Cloud COS/CI resources. Use temporary STS credentials or a least-privilege sub-account limited to the intended bucket, confirm destructive or sharing operations, and avoid uploading sensitive documents to COS or the knowledge base unless you understand the bucket, dataset, and retention settings.
Findings (7)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A generic request like “upload this to the cloud” could use Tencent Cloud COS even if the user did not explicitly name Tencent.
The invocation scope covers generic cloud-upload, link-generation, and knowledge-base requests, which could route a broad user request to Tencent COS unless the agent confirms the intended provider/bucket.
即使用户没有明确提到COS或腾讯云,只要涉及"把文件传到云上"、"生成下载链接"、"帮我建个知识库"...也应该触发此技能。
Ask the user to confirm the provider, bucket, object key, and sharing settings before uploading, deleting, signing, or indexing files.
If used with broad Tencent Cloud permissions, the agent could change bucket settings, expose files through signed links, or delete cloud objects.
The skill openly provides high-impact storage and bucket-management operations, including deletion, signed sharing links, ACL/CORS, lifecycle, and versioning changes.
- **文件存储**:上传、下载、列出、删除文件,获取签名下载链接,批量操作,复制 - **存储桶管理**:列出/创建存储桶,ACL、跨域、标签、版本控制、生命周期管理
Use a least-privilege Tencent Cloud sub-account or STS token, and require explicit confirmation for delete, ACL, lifecycle, bucket-creation, and sharing-link operations.
The agent can call CI APIs beyond the specifically wrapped actions, which increases the chance of unintended jobs or account-side changes if invoked incorrectly.
The documented generic CI request action is an escape-hatch API interface with user-controlled method, path, body, and query parameters, scoped to the configured Tencent CI endpoint.
### ci-request — 通用 CI API 请求 用于调用尚未封装为独立 action 的 CI 能力... --method ... --path ... --body ... --query
Prefer the named actions for normal use, and review any ci-request path/body/query carefully before execution.
A credential with excessive permissions could let the skill affect more buckets or COS/CI resources than intended.
The skill requires Tencent Cloud API credentials and optionally an STS token; this is expected for COS/CI access but grants delegated cloud authority.
"secrets": ["SecretId", "SecretKey"], "optionalSecrets": ["Token"], ... "scope": "COS object storage and CI data processing APIs"
Use STS temporary credentials or a Tencent Cloud sub-account restricted to the specific bucket and required COS/CI actions; do not use root account keys.
Persisted credentials remain on disk and could be exposed by local compromise, backups, or accidental sharing.
The setup script can persist credentials to a local .env file when the user opts into --persist; this is disclosed and chmod 600 is applied.
setup.sh --from-env --persist ... 写入项目本地 .env 文件(权限 600)
Prefer ephemeral environment variables or STS tokens; if persistence is needed, keep .env/.env.enc out of version control and rotate keys if exposure is suspected.
A future compromised or changed npm package version could affect the skill at install time.
The installer fetches the COS SDK from npm without a pinned version in the provided command; this is normal SDK setup but depends on npm package integrity at install time.
(cd "$BASE_DIR" && npm install cos-nodejs-sdk-v5 --no-progress 2>&1 | tail -3)
Install from a trusted network, verify the package source, and consider pinning or locking the dependency version in controlled environments.
Documents uploaded to the knowledge base may be stored and indexed in Tencent Cloud and later influence retrieval results.
The skill can create a persistent cloud knowledge base, upload documents into it, and retrieve semantic snippets later.
**🚀 知识库**:一键创建知识库(自动创建桶+数据集+绑定),上传文档到知识库,语义检索知识库内容
Only upload intended documents, avoid highly sensitive material unless the bucket/dataset policy is understood, and verify retrieved snippets before relying on them.