CLS CLI
WarnAudited by ClawScan on May 10, 2026.
Overview
This appears to be a real Tencent Cloud CLS management CLI, but it needs review because it gives the agent broad cloud-changing authority and installs or updates executable code from GitHub.
Install only if you trust the GitHub source and publisher. Use a dedicated least-privilege Tencent Cloud CAM key, avoid `-y` unless you are sure, require confirmation for create/delete/raw API actions, review LogListener and collector paths before enabling them, and verify upgrades before replacing the CLI binary.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent misunderstands a request or is influenced by bad input, it could perform high-impact CLS API actions, including changes not covered by the safer shortcut commands.
The generic API command forwards any action name and JSON parameters supplied by the user or agent to Tencent CLS, with no local action allowlist or confirmation logic in this command path.
action := args[0] ... result, err := clsClient.CallRaw(action, params)
Require explicit user approval for raw API and mutating operations, prefer `--dry-run` first, restrict credentials with least-privilege CAM policies, and consider adding allowlists or confirmations for dangerous actions.
A broadly permissioned Tencent Cloud key could let the agent read logs and change CLS resources across the account or region.
The skill requires Tencent Cloud API credentials, which is expected for a CLS management tool but grants account authority according to the permissions on those keys.
cls-cli config init --secret-id <SECRET_ID> --secret-key <SECRET_KEY> --region ap-guangzhou
Use a dedicated least-privilege Tencent Cloud CAM key limited to the intended CLS resources and regions, and avoid using account-wide administrator keys.
A compromised or unexpected upstream release could replace the CLI that later uses the user's Tencent Cloud credentials.
The upgrade flow downloads a release asset, marks it executable, and replaces the current binary, potentially with sudo, without visible checksum, signature, or pinned-version verification.
resp, err := client.Get(downloadURL) ... os.Chmod(tmpPath, 0755) ... sudoCmd := exec.Command("sudo", "cp", tmpPath, currentBin)Install from a trusted, pinned release; verify checksums or signatures before upgrading; and avoid running `cls-cli upgrade` in sensitive environments unless the source is audited.
Log collection services may continue running on hosts and sending configured logs until stopped or uninstalled.
The skill can install and control LogListener components that may keep running after the immediate CLI task, which is normal for log collection but persistent.
cls-cli ll +install ... cls-cli ll +start ... cls-cli ll +stop / +restart / +status / +check / +uninstall
Review generated LogListener installation scripts and only start or bind collectors on intended machines; verify uninstall/stop behavior when no longer needed.
Downloaded or displayed logs could expose secrets, personal data, or adversarial log messages to the agent or local files.
The skill retrieves and can write operational log content, which may include sensitive data or untrusted text that an agent should not treat as instructions.
cls-cli log +search ... cls-cli log +download --topic-id <id> --query "*" --from "1 hour ago" --output logs.json
Limit searches to necessary topics and time ranges, protect downloaded log files, redact sensitive data where possible, and do not treat log contents as agent instructions.