← Back to Skills Marketplace
251
Downloads
2
Stars
0
Active Installs
7
Versions
Install in OpenClaw
/install vefaas
Description
Deploy and manage serverless applications on Volcengine veFaaS. Use when the user wants to deploy web apps, agents, skills as APIs, tool pages, webhook funct...
Usage Guidance
This appears to be a legitimate veFaaS CLI skill, but take these precautions before using it: (1) Verify the tarball URL and publisher (install the CLI yourself from the vendor site if unsure); (2) Avoid asking the agent to run --debug or to collect and transmit ~/.vefaas/logs or debug.log files to third parties — those logs can contain tokens and request/response payloads; (3) Use least-privilege credentials (create a scoped service account/policy) and prefer short-lived keys where possible; (4) Be aware of the registry metadata inconsistency (SKILL.md declares an install tarball though registry listed none) — confirm the install mechanism if you plan to let the agent install the CLI automatically; (5) If you need the agent to help with troubleshooting, perform sensitive log collection manually and redact secrets before sharing.
Capability Analysis
Type: OpenClaw Skill
Name: vefaas
Version: 1.0.6
The skill is a legitimate tool for managing Volcengine veFaaS (Function as a Service) applications using the official CLI. It is distributed via a verified Volcengine domain (volces.com) and includes comprehensive documentation for deployment, environment management, and troubleshooting. The SKILL.md file contains responsible security instructions, explicitly directing the AI agent to avoid probing for unauthorized credentials and to redact secrets from debug output.
Capability Assessment
Purpose & Capability
Name/description, required binaries (node, npm, vefaas) and required env vars (VOLC_ACCESS_KEY_ID, VOLC_SECRET_ACCESS_KEY) all align with a cloud CLI for Volcengine veFaaS. The operations described (deploy, inspect, env set/import, pull, etc.) match the declared purpose.
Instruction Scope
Runtime instructions stay within veFaaS CLI operations. However the documentation encourages use of debug mode and collecting ~/.vefaas/logs and debug output (which the docs say can include full request/response payloads and tokens). That creates a plausible path for sensitive data (AK/SK, tokens) to appear in logs; the SKILL.md also asserts the agent "should not read or probe for any other env vars, .env files, or credential files," which is an assertion but not enforced. In short: scope is appropriate, but be careful about debug-log collection and any agent action that would read or upload those logs.
Install Mechanism
The SKILL.md includes an install instruction pointing to a tarball at https://vefaas-cli.tos-cn-beijing.volces.com/volcengine-vefaas-latest.tgz (and an npm i -g command). This looks like an official Volcengine distribution host (volces.com), which is reasonable for the vendor, but tarball installation is higher-risk than a vetted registry. Also: registry metadata reported 'No install spec' while the skill front-matter includes an install entry — an inconsistency you may want to confirm.
Credentials
Only VOLC_ACCESS_KEY_ID and VOLC_SECRET_ACCESS_KEY are required and the primary credential is correctly declared. No unrelated credentials or system config paths are requested. The number and type of env vars are proportional to a cloud CLI.
Persistence & Privilege
No always:true setting, no special OS restrictions, and no claims to modify other skills or system-wide settings. This is a normal, non-persistent, user-invocable CLI skill.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install vefaas - After installation, invoke the skill by name or use
/vefaas - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.6
Simplify install provenance note; clarify volces.com ownership and front matter consistency
v1.0.5
Declare ARK_SKILL_API_KEY/ARK_SKILL_API_BASE in required env; add Security section for debug output and credential boundaries
v1.0.4
Add Ark Skill auth priority, pre-deploy inspect check, deploy-time overrides, and agent/skill/tool/webhook cookbooks
v1.0.3
Fix env var names to match actual CLI usage (VOLC_ACCESS_KEY_ID/VOLC_SECRET_ACCESS_KEY); add install provenance URL
v1.0.2
Fix metadata: remove unrelated ARK credentials, set correct primaryEnv
v1.0.1
Add credential auto-injection note; add registry metadata
v1.0.0
vefaas-cli 1.0.0 initial release
- Introduces CLI for deploying and managing serverless applications on Volcengine veFaaS.
- Supports app deployment, function management, environment variable configuration, and gateway selection.
- Provides SSO and AK/SK login options and non-interactive mode for automation.
- Includes commands for project initialization, deployment, configuration, and troubleshooting.
- Documentation added for quick starts, cookbooks, and feature references.
Metadata
Frequently Asked Questions
What is Vefaas Cli?
Deploy and manage serverless applications on Volcengine veFaaS. Use when the user wants to deploy web apps, agents, skills as APIs, tool pages, webhook funct... It is an AI Agent Skill for Claude Code / OpenClaw, with 251 downloads so far.
How do I install Vefaas Cli?
Run "/install vefaas" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Vefaas Cli free?
Yes, Vefaas Cli is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Vefaas Cli support?
Vefaas Cli is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Vefaas Cli?
It is built and maintained by songhn233 (@songhn233); the current version is v1.0.6.
More Skills