← Back to Skills Marketplace
88
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install tencentcloud-tke-skill
Description
腾讯云 TKE 容器服务全栈运维专家,支持集群管理、K8s 资源操作、Pod 排障、Helm 部署、TCR 镜像仓库管理
Usage Guidance
This skill appears to implement a legitimate TKE + Kubernetes CLI, but the registry metadata fails to declare the sensitive credentials and required binaries the scripts use. Before installing: 1) Review the two Python files (tke_cli.py, k8s_cli.py) yourself or have a trusted reviewer confirm there are no hidden network endpoints or exfiltration logic; 2) Only provide Tencent Cloud credentials with least privilege (scoped, temporary if possible); avoid using your root/owner keys; 3) Be aware the tool will read KUBECONFIG and ~/.kube/config (these contain cluster admin credentials); consider using a dedicated kubeconfig with limited rights; 4) Ensure kubectl and helm are the versions you expect and run the tool in an isolated environment if possible; 5) Ask the author/maintainer to update the skill manifest to declare required env vars (TENCENTCLOUD_SECRET_ID/TENCENTCLOUD_SECRET_KEY), and mention required binaries (kubectl, helm, python) so the metadata accurately reflects runtime needs.
Capability Analysis
Type: OpenClaw Skill
Name: tencentcloud-tke-skill
Version: 1.0.0
The skill bundle provides a legitimate and well-structured set of administrative tools for managing Tencent Kubernetes Engine (TKE) and Kubernetes resources. The Python scripts (tke_cli.py and k8s_cli.py) wrap official Tencent Cloud SDKs and standard binaries (kubectl, helm) to perform cluster operations, registry management, and RBAC configuration. Security practices are observed, such as using subprocess lists to prevent shell injection, setting 0600 permissions on temporary kubeconfig files, and providing dry-run options for destructive actions. No evidence of data exfiltration, unauthorized persistence, or malicious prompt injection was found.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description describe a Tencent Cloud TKE + Kubernetes operator and the included Python tools (tke_cli.py, k8s_cli.py) implement that functionality. However the registry metadata declares no required env vars or binaries while the SKILL.md and the code clearly require TENCENTCLOUD credentials, kubeconfig (or KUBECONFIG/~/.kube/config) and external binaries (kubectl, helm). The missing declarations are an inconsistency.
Instruction Scope
SKILL.md instructs the agent to run the included Python scripts via Bash and to read environment variables and kubeconfig files. k8s_cli.py will search KUBECONFIG and ~/.kube/config and can fetch kubeconfig via tke_cli.py. Those behaviors are expected for this tool, but the instructions allow access to local kubeconfig files and environment variables that are not declared in the registry metadata, increasing the risk of accidental credential exposure.
Install Mechanism
No install spec (instruction-only) is provided; risk from installation is low. The skill does include code files that will be executed by the agent (Python scripts) but there are no downloads or archive extracts referenced. Users should still review the code before running.
Credentials
The code requires sensitive credentials (TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY) and access to kubeconfig files (which can contain cluster credentials). Those requests are proportionate to the stated purpose, but the registry metadata lists no required env vars — a discrepancy that can mislead users and cause them to supply high-privilege secrets unknowingly. Also kubectl/helm usage implies the ability to modify cluster state (including creating/deleting resources and exec into pods).
Persistence & Privilege
The skill is not always:true and does not request persistent platform-level privileges. It creates temporary kubeconfig files with restrictive file permissions (0o600) when fetching from TKE API. There is no evidence it modifies other skills or system-wide agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install tencentcloud-tke-skill - After installation, invoke the skill by name or use
/tencentcloud-tke-skill - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
tencentcloud-tke-skill 1.0.0
- Initial release of the TKE StackOps skill for Tencent Cloud container service (TKE)
- Supports full-stack TKE operations via two CLI tools: tke_cli.py (Tencent Cloud API for cluster/TCR management) and k8s_cli.py (Kubernetes cluster resource operations)
- Provides commands for managing clusters, endpoints, node pools, and TCR (container registry) resources
- Allows Kubernetes resource viewing, troubleshooting, and Helm deployments, with flexible kubeconfig and credential handling
- Includes detailed usage examples and dependency requirements for quick onboarding
Metadata
Frequently Asked Questions
What is tencentcloud-tke-skill?
腾讯云 TKE 容器服务全栈运维专家,支持集群管理、K8s 资源操作、Pod 排障、Helm 部署、TCR 镜像仓库管理. It is an AI Agent Skill for Claude Code / OpenClaw, with 88 downloads so far.
How do I install tencentcloud-tke-skill?
Run "/install tencentcloud-tke-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is tencentcloud-tke-skill free?
Yes, tencentcloud-tke-skill is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does tencentcloud-tke-skill support?
tencentcloud-tke-skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created tencentcloud-tke-skill?
It is built and maintained by 腾讯开源 (@tencent-adm); the current version is v1.0.0.
More Skills