← Back to Skills Marketplace
948
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install volcengine-security-kms
Description
Key lifecycle management with Volcengine KMS. Use when users need key creation, rotation policies, encryption/decryption workflows, or key permission troubleshooting.
Usage Guidance
This skill claims to manage Volcengine KMS but is missing essential operational details (authentication and concrete API/CLI steps). Before installing or using it:
- Treat it as advisory documentation rather than an actionable integration until the author documents auth and invocation details.
- Ask the publisher to declare required credentials (e.g., VOLCENGINE_ACCESS_KEY_ID, VOLCENGINE_SECRET_ACCESS_KEY, REGION/ENDPOINT) and the minimum IAM permissions needed for each operation.
- Do not expose high-privilege or long-lived keys to the agent; prefer least-privilege scoped credentials or ephemeral roles.
- If you intend to let the agent perform real KMS operations, test in a non-production account with narrowly scoped permissions and audit logs enabled.
- If the skill will run autonomously with access to credentials, require explicit confirmation and review of the credential scope first.
If the author clarifies that the skill is purely a checklist/documentation (no runtime API calls), it would be lower risk; if it is intended to perform real KMS operations, the current lack of declared credentials/config is a red flag and should be corrected.
Capability Analysis
Type: OpenClaw Skill
Name: volcengine-security-kms
Version: 1.0.0
The skill bundle defines an OpenClaw agent skill for Volcengine KMS key management. All files, including `SKILL.md` (which contains instructions for the AI agent), are aligned with the stated purpose. There is no evidence of malicious prompt injection, unauthorized data access, external communication, or code execution. The `SKILL.md` even includes 'Safety Rules' promoting secure handling of secrets and permissions, indicating a focus on secure operation rather than malicious intent.
Capability Assessment
Purpose & Capability
The skill's name and description state it manages Volcengine KMS (create/rotate/encrypt/decrypt/etc.), but the package declares no required environment variables, no credentials, and no config paths. Real KMS operations require cloud credentials (API key/secret, role, or SDK config) and often a region/endpoint; their absence is a mismatch between stated purpose and declared requirements.
Instruction Scope
SKILL.md contains high-level steps (confirm key purpose, create/select key, run encrypt/decrypt/sign, return metadata) and sensible safety rules, but it is purely advisory and lacks concrete runtime instructions: no API endpoints, no authentication flow, no SDK/CLI commands. That vagueness could lead an agent to attempt to use whatever credentials are available in the environment without explicit guidance.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That keeps the on-disk footprint minimal and is consistent with a documentation-style skill.
Credentials
No environment variables or primary credential are declared even though interacting with Volcengine KMS would normally require credentials (access key, secret, possibly region/endpoint). This omission is disproportionate and ambiguous: either the skill is only documentation (then it should say so), or it expects the agent to use existing credentials — which should be explicitly declared and scoped.
Persistence & Privilege
The skill does not request always:true and is user-invocable; it does not demand elevated persistence. Autonomous invocation is allowed (platform default) but is not combined here with broad declared credentials.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install volcengine-security-kms - After installation, invoke the skill by name or use
/volcengine-security-kms - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial ClawHub publish for Volcengine skills with agents metadata.
Metadata
Frequently Asked Questions
What is Volcengine Security Kms?
Key lifecycle management with Volcengine KMS. Use when users need key creation, rotation policies, encryption/decryption workflows, or key permission troubleshooting. It is an AI Agent Skill for Claude Code / OpenClaw, with 948 downloads so far.
How do I install Volcengine Security Kms?
Run "/install volcengine-security-kms" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Volcengine Security Kms free?
Yes, Volcengine Security Kms is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Volcengine Security Kms support?
Volcengine Security Kms is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Volcengine Security Kms?
It is built and maintained by cinience (@cinience); the current version is v1.0.0.
More Skills