← Back to Skills Marketplace
1194
Downloads
0
Stars
2
Active Installs
4
Versions
Install in OpenClaw
/install alicloud-security-center-sas
Description
Manage Alibaba Cloud Security Center (Sas) via OpenAPI/SDK. Use whenever the user needs Security Center resource operations, configuration updates, status qu...
README (SKILL.md)
Category: service
Security Center
Use Alibaba Cloud OpenAPI (RPC) with official SDKs or OpenAPI Explorer to manage resources for Security Center.
Workflow
- Confirm region, resource identifiers, and desired action.
- Discover API list and required parameters (see references).
- Call API with SDK or OpenAPI Explorer.
- Verify results with describe/list APIs.
AccessKey priority (must follow)
- Environment variables:
ALICLOUD_ACCESS_KEY_ID/ALICLOUD_ACCESS_KEY_SECRET/ALICLOUD_REGION_IDRegion policy:ALICLOUD_REGION_IDis an optional default. If unset, decide the most reasonable region for the task; if unclear, ask the user. - Shared config file:
~/.alibabacloud/credentials
API discovery
- Product code:
Sas - Default API version:
2021-01-14 - Use OpenAPI metadata endpoints to list APIs and get schemas (see references).
High-frequency operation patterns
- Inventory/list: prefer
List*/Describe*APIs to get current resources. - Change/configure: prefer
Create*/Update*/Modify*/Set*APIs for mutations. - Status/troubleshoot: prefer
Get*/Query*/Describe*StatusAPIs for diagnosis.
Minimal executable quickstart
Use metadata-first discovery before calling business APIs:
python scripts/list_openapi_meta_apis.py
Optional overrides:
python scripts/list_openapi_meta_apis.py --product-code \x3CProductCode> --version \x3CVersion>
The script writes API inventory artifacts under the skill output directory.
Output policy
If you need to save responses or generated artifacts, write them under:
output/alicloud-security-center-sas/
Validation
mkdir -p output/alicloud-security-center-sas
for f in skills/security/host/alicloud-security-center-sas/scripts/*.py; do
python3 -m py_compile "$f"
done
echo "py_compile_ok" > output/alicloud-security-center-sas/validate.txt
Pass criteria: command exits 0 and output/alicloud-security-center-sas/validate.txt is generated.
Output And Evidence
- Save artifacts, command outputs, and API response summaries under
output/alicloud-security-center-sas/. - Include key parameters (region/resource id/time range) in evidence files for reproducibility.
Prerequisites
- Configure least-privilege Alibaba Cloud credentials before execution.
- Prefer environment variables:
ALICLOUD_ACCESS_KEY_ID,ALICLOUD_ACCESS_KEY_SECRET, optionalALICLOUD_REGION_ID. - If region is unclear, ask the user before running mutating operations.
References
- Sources:
references/sources.md
Usage Guidance
This skill appears to be a straightforward helper for Alibaba Cloud Security Center: it fetches API metadata from api.aliyun.com and guides SDK/API calls. Before installing, note that SKILL.md expects you to provide Alibaba Cloud credentials (ALICLOUD_ACCESS_KEY_ID and ALICLOUD_ACCESS_KEY_SECRET or a ~/.alibabacloud/credentials file) even though the registry metadata did not list them. Only provide least-privilege credentials needed for the operations you want, and avoid running mutating actions without confirming region/resource IDs. If you need absolute assurance, ask the maintainer to update the manifest to declare the expected environment variables and to provide a signed source/homepage.
Capability Analysis
Type: OpenClaw Skill
Name: alicloud-security-center-sas
Version: 1.0.3
The skill bundle is a legitimate tool for managing Alibaba Cloud Security Center (Sas) via its official OpenAPI. The included Python script (scripts/list_openapi_meta_apis.py) fetches public API metadata from official Alibaba Cloud endpoints (api.aliyun.com) and saves it locally for discovery purposes. While the instructions (SKILL.md) guide the agent to use sensitive credentials (ALICLOUD_ACCESS_KEY_ID), this is standard practice for cloud management tools, and there is no evidence of data exfiltration, malicious execution, or unauthorized access.
Capability Assessment
Purpose & Capability
Name/description match the included material: SKILL.md and the Python script focus on discovering Sas OpenAPI metadata and guiding SDK/API calls. Minor inconsistency: the registry metadata lists no required environment variables, but the SKILL.md explicitly instructs use of Alibaba Cloud credentials (ALICLOUD_ACCESS_KEY_ID/ALICLOUD_ACCESS_KEY_SECRET and optional ALICLOUD_REGION_ID) and ~/.alibabacloud/credentials — these are reasonable for the stated purpose but should be declared in the manifest.
Instruction Scope
Runtime instructions are scoped to API discovery, calling Alibaba Cloud APIs via SDK/OpenAPI Explorer, and saving artifacts under output/alicloud-security-center-sas/. The README warns to ask before mutating operations and to follow least-privilege credentials. It does not instruct reading unrelated system files or exfiltrating data.
Install Mechanism
No install spec — instruction-only with a small helper script. The included script only performs an HTTPS GET from the official api.aliyun.com metadata endpoints and writes files under the skill output directory; no archives or third-party downloads are performed.
Credentials
The SKILL.md sensibly requests Alibaba Cloud credentials and an optional region; those are proportionate to managing Sas resources. However, the package metadata did not declare any required env vars or a primary credential, which is an inconsistency the user should be aware of before granting credentials.
Persistence & Privilege
The skill is not forced-always, is user-invocable, and does not request elevated platform persistence or modify other skills. It does not enable autonomous permanent presence beyond normal model invocation.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install alicloud-security-center-sas - After installation, invoke the skill by name or use
/alicloud-security-center-sas - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
batch publish from alicloud-skills on 2026-03-11
v1.0.2
batch publish from alicloud-skills on 2026-02-13
v1.0.1
Initial ClawHub publish for Alibaba Cloud skills with agents metadata.
v1.0.0
Initial ClawHub publish for Alibaba Cloud skills with agents metadata.
Metadata
Frequently Asked Questions
What is Alicloud Security Center Sas?
Manage Alibaba Cloud Security Center (Sas) via OpenAPI/SDK. Use whenever the user needs Security Center resource operations, configuration updates, status qu... It is an AI Agent Skill for Claude Code / OpenClaw, with 1194 downloads so far.
How do I install Alicloud Security Center Sas?
Run "/install alicloud-security-center-sas" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Alicloud Security Center Sas free?
Yes, Alicloud Security Center Sas is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Alicloud Security Center Sas support?
Alicloud Security Center Sas is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Alicloud Security Center Sas?
It is built and maintained by cinience (@cinience); the current version is v1.0.3.
More Skills