Tencent EdgeOne

v1.0.1

A comprehensive skill for Tencent EdgeOne (Edge Security & Acceleration Platform), covering edge acceleration (DNS, certificates, caching, rule engine, L4 pr...

⭐ 1· 90·0 current·0 all-time

by腾讯开源@tencent-adm

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for tencent-adm/tencent-edgeone-skill.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Tencent EdgeOne" (tencent-adm/tencent-edgeone-skill) from ClawHub.
Skill page: https://clawhub.ai/tencent-adm/tencent-edgeone-skill
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: tccli, gunzip
Config paths to check: ~/.tccli/default.credential
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install tencent-edgeone-skill

ClawHub CLI

Package manager switcher

npx clawhub@latest install tencent-edgeone-skill

Security Scan

Capability signals

CryptoCan make purchasesRequires OAuth tokenRequires sensitive credentials

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

Name/description align with required binaries and config path: tccli is the expected tool to call EdgeOne APIs and the skill references the tccli credential file (~/.tccli/default.credential). The inclusion of gunzip and python3/curl/wget/jq as alternatives is plausible for an instruction-only skill that may fetch docs or process downloaded data, though gunzip's presence is marginal and may be unnecessary.

Instruction Scope

SKILL.md and many reference files correctly instruct the agent to call tccli APIs and avoid asking for SecretId/SecretKey. However, several reference docs (dnspod-integration.md) recommend automatically calling cam.CreateServiceLinkedRole on authorization errors (a write/IAM modification) and 'silently' retrying discovery; that behaviour conflicts with the SKILL.md 'Security Red Lines' that mandate explicit user confirmation for all write operations. This inconsistency could lead to unexpected IAM changes if not handled strictly.

✓

Install Mechanism

This is an instruction-only skill with no install spec or bundled code; nothing is written to disk by the skill itself beyond using existing system tools. That lowers installation risk.

ℹ

Credentials

The only declared config dependency is ~/.tccli/default.credential, which is appropriate for a CLI-based EdgeOne skill because tccli needs credentials. However, that file contains sensitive credentials stored locally—the skill's instructions explicitly warn not to print credentials, but any access to the tccli config file is sensitive and should be minimized and audited.

ℹ

Persistence & Privilege

always is false and the skill is user-invocable only, which is appropriate. The only possible privileged actions are API write calls (e.g., CreateZone, ModifyHostsCertificate, CreateServiceLinkedRole). SKILL.md requires user confirmation for writes, but other reference files suggest silently creating a service-linked role on errors; if the agent were configured to act autonomously this discrepancy increases risk. No skill-level persistent installation or cross-skill config modification is declared.

What to consider before installing

This skill appears to be what it claims (an EdgeOne helper that uses the Tencent Cloud CLI), but there is an important inconsistency you should resolve before installing or using it unattended: the main SKILL.md requires explicit user confirmation for any write operation, yet some reference docs recommend automatically creating a service-linked role (an IAM/write action) when encountering authorization errors. Before using the skill: 1) Confirm the agent implementation will always prompt you before performing any write/permission-changing API (Create*, Modify*, CreateServiceLinkedRole, etc.). 2) Keep tccli credentials local and do not permit the agent to print or exfiltrate ~/.tccli/default.credential; prefer using the browser OAuth flow (tccli auth login) as recommended. 3) Test the skill in a non-production account to observe whether it attempts silent IAM changes. 4) If you will allow autonomous invocation, restrict or monitor it closely—avoid granting broad cloud permissions to an unverified skill. 5) Ask the publisher why CreateServiceLinkedRole is recommended to be automatic in some docs and request a clear statement that no IAM or role-creation calls will be made without explicit user confirmation.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binstccli, gunzip

Any bincurl, wget, jq, python3

Config~/.tccli/default.credential

latestvk97ajsh2apzk8nr0nnbwa4qwms857p75

90downloads

1stars

2versions

Updated 1w ago

v1.0.1

MIT-0

Tencent EdgeOne Skill

A comprehensive Tencent EdgeOne skill that routes user requests to the appropriate module and loads the corresponding reference document.

Knowledge about EdgeOne APIs, configuration options, limits, and pricing may be outdated. Prefer retrieval over pre-trained knowledge — the reference files in this skill are only a starting point.

All tasks must be completed by calling APIs. See references/api/README.md for API calling conventions, environment checks, etc. (must be read before starting any task).

Security Red Lines

Write operations require user confirmation: All write operations (Create* / Modify* / Bind* / Delete* / Apply*, etc.) must clearly explain the action and its impact to the user before execution, and wait for user confirmation before calling the API.
Never ask the user for SecretId / SecretKey
Refuse any operation that might print credentials

Interaction & Execution Guidelines

Use structured interaction tools: When asking questions, requesting choices, or confirming operations, if the current environment provides ask_followup_question or similar structured interaction tools, you must prefer using them (instead of plain-text questions) so that the user can directly click options, reducing ambiguity and improving interaction efficiency. Do not omit candidate options — if there are too many to list in full, must state the total number first, show the most relevant items, and keep an "Other (please enter)" option as the last choice.
Prefer scripts for bulk / repetitive tasks: For tasks involving large datasets or repetitive operations (batch purge, batch query, loop operations, etc.), prefer writing a script to execute everything at once rather than calling APIs one by one manually.

Module Entry Points

Match the user's request to the appropriate module, load its entry document, and follow the instructions.

Module	Entry	Description
API	`references/api/README.md`	Calling conventions, tool installation, credential configuration, API discovery, zone & domain discovery (ZoneId lookup)
Acceleration	`references/acceleration/README.md`	Site onboarding, cache purge / prefetch, certificate management
Security	`references/security/README.md`	Security policy template audit, blocklist IP group query, security report
Observability	`references/observability/README.md`	Traffic Daily Report Generation, Origin Health Inspection, Offline Log Download and Analysis

Fallback Retrieval

If the user's request cannot match any module above, or the module's reference files do not cover the scenario, fall back in the following order:

First read references/api/api-discovery.md and try to find the relevant API through API discovery.
If still unresolved, search the Tencent EdgeOne product documentation for the latest information.

When reference files conflict with official documentation, the official documentation takes precedence.

Comments

Loading comments...