Baidu Cloud BOS

Pass

Audited by ClawScan on May 10, 2026.

Overview

This is a coherent Baidu BOS storage integration, but it uses persistent cloud access keys and includes destructive storage operations that users should handle carefully.

Install only if you intend to let the agent manage Baidu BOS resources. Provide a dedicated least-privilege key, avoid broad account-level keys, carefully review delete/sync/permanent signed URL commands, and remove `~/.config/openclaw/baidu-cloud-bos/credentials.json` if you stop using the skill.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone or any agent process that can use these saved credentials may be able to access or modify the configured BOS resources.

Why it was flagged

The skill asks for Baidu Cloud credentials and stores them locally for future sessions. This is expected for a BOS integration, but those credentials can grant significant cloud-storage authority.

Skill content

I need your Baidu AI Cloud credentials to connect to the BOS storage service. Please provide: 1. AccessKeyId ... 2. SecretAccessKey ... The script will automatically ... persist the credentials to ~/.config/openclaw/baidu-cloud-bos/credentials.json (permissions 600)

Recommendation

Use a dedicated least-privilege Baidu Cloud key limited to the needed bucket/actions, rotate it if exposed, and remove the saved credentials when no longer needed.

What this means

A mistaken delete or sync command could remove files from BOS or from the local filesystem.

Why it was flagged

The documented bcecmd workflows include recursive deletion and sync deletion. These are normal object-storage management functions, but they can remove data if invoked with the wrong path or direction.

Skill content

`bcecmd bos rm bos:/<bucket>/<bosdir>/ --recursive --yes` ... `bcecmd bos sync <localdir> bos:/<bucket>/<dir>/ [--delete]`

Recommendation

Require explicit user confirmation before delete, recursive delete, bucket removal, or sync with `--delete`; prefer dry-run/listing checks before destructive operations.

What this means

The behavior of the installed SDK could change over time depending on what npm resolves during setup.

Why it was flagged

The skill relies on an external npm package with a semver range rather than an exact pinned version. This is common for SDK integrations, but it means future installs may fetch newer dependency code.

Skill content

`"dependencies": { "@baiducloud/sdk": "^1.0.7" }`

Recommendation

Prefer a pinned dependency and lockfile for reproducible installs, or review the resolved package version before use.