← Back to Skills Marketplace
84
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install aliyun-sas-manage
Description
Use when managing Alibaba Cloud Security Center (Sas) via OpenAPI/SDK, including the user needs Security Center resource operations, configuration updates, s...
README (SKILL.md)
Category: service
Security Center
Use Alibaba Cloud OpenAPI (RPC) with official SDKs or OpenAPI Explorer to manage resources for Security Center.
Workflow
- Confirm region, resource identifiers, and desired action.
- Discover API list and required parameters (see references).
- Call API with SDK or OpenAPI Explorer.
- Verify results with describe/list APIs.
AccessKey priority (must follow)
- Environment variables:
ALICLOUD_ACCESS_KEY_ID/ALICLOUD_ACCESS_KEY_SECRET/ALICLOUD_REGION_IDRegion policy:ALICLOUD_REGION_IDis an optional default. If unset, decide the most reasonable region for the task; if unclear, ask the user. - Shared config file:
~/.alibabacloud/credentials
API discovery
- Product code:
Sas - Default API version:
2021-01-14 - Use OpenAPI metadata endpoints to list APIs and get schemas (see references).
High-frequency operation patterns
- Inventory/list: prefer
List*/Describe*APIs to get current resources. - Change/configure: prefer
Create*/Update*/Modify*/Set*APIs for mutations. - Status/troubleshoot: prefer
Get*/Query*/Describe*StatusAPIs for diagnosis.
Minimal executable quickstart
Use metadata-first discovery before calling business APIs:
python scripts/list_openapi_meta_apis.py
Optional overrides:
python scripts/list_openapi_meta_apis.py --product-code \x3CProductCode> --version \x3CVersion>
The script writes API inventory artifacts under the skill output directory.
Output policy
If you need to save responses or generated artifacts, write them under:
output/aliyun-sas-manage/
Validation
mkdir -p output/aliyun-sas-manage
for f in skills/security/host/aliyun-sas-manage/scripts/*.py; do
python3 -m py_compile "$f"
done
echo "py_compile_ok" > output/aliyun-sas-manage/validate.txt
Pass criteria: command exits 0 and output/aliyun-sas-manage/validate.txt is generated.
Output And Evidence
- Save artifacts, command outputs, and API response summaries under
output/aliyun-sas-manage/. - Include key parameters (region/resource id/time range) in evidence files for reproducibility.
Prerequisites
- Configure least-privilege Alibaba Cloud credentials before execution.
- Prefer environment variables:
ALICLOUD_ACCESS_KEY_ID,ALICLOUD_ACCESS_KEY_SECRET, optionalALICLOUD_REGION_ID. - If region is unclear, ask the user before running mutating operations.
References
- Sources:
references/sources.md
Usage Guidance
This skill appears to be a legitimate Alibaba Cloud Security Center helper, but the package metadata fails to declare that it needs your ALICLOUD_ACCESS_KEY_ID and ALICLOUD_ACCESS_KEY_SECRET (or ~/.alibabacloud/credentials). Before installing: 1) confirm the publisher/source and ask them to update the registry to list required env vars; 2) use least-privilege or temporary Alibaba Cloud credentials (do not use root keys); 3) run the skill in an isolated environment or container if possible; 4) review output/aliyun-sas-manage/ after runs and avoid writing long-lived secrets or full credential files into that directory; 5) if you need to allow autonomous agent invocation, be aware the agent could perform API calls using provided credentials — only grant permissions required for the specific operations.
Capability Analysis
Type: OpenClaw Skill
Name: aliyun-sas-manage
Version: 1.0.0
The skill bundle is a legitimate tool for managing Alibaba Cloud Security Center (Sas) via its OpenAPI. The included script 'scripts/list_openapi_meta_apis.py' safely fetches API metadata from official Alibaba Cloud endpoints (api.aliyun.com) to assist the agent in discovering available operations, and the credential handling instructions in 'SKILL.md' follow standard cloud security practices.
Capability Assessment
Purpose & Capability
The name/description align with the included script and instructions: this is a tool for discovering and calling Alibaba Cloud Security Center (Sas) OpenAPI. Requiring Alibaba Cloud credentials is expected for the purpose. However the registry metadata lists no required environment variables or primary credential while SKILL.md explicitly expects ALICLOUD_ACCESS_KEY_ID / ALICLOUD_ACCESS_KEY_SECRET and optionally ALICLOUD_REGION_ID (or ~/.alibabacloud/credentials), which is an inconsistency between claimed requirements and actual instructions.
Instruction Scope
SKILL.md instructs the agent to use SDK/OpenAPI with cloud credentials, run the included script that fetches metadata from api.aliyun.com, and save artifacts and 'key parameters' (region/resource id/time range) to output/. Saving these parameters may persist sensitive identifiers. The instructions also give the agent discretion to pick a region if environment variables are unset, which is vague and broad. The instructions do not ask for unrelated system files, and the script itself only fetches public OpenAPI metadata, but the overall guidance to include credential-sourced operations and evidence files increases risk if credentials or sensitive identifiers are mishandled.
Install Mechanism
Instruction-only skill with a small Python script; no install spec, no downloads, no archive extraction. The included script uses urllib to GET official api.aliyun.com metadata — this is low install risk.
Credentials
SKILL.md requires Alibaba Cloud access keys (env vars or shared credentials file) which are proportional to managing SAS. But the registry metadata did not declare these required env vars or a primary credential, creating a transparency gap. The instructions also request writing 'key parameters' to disk (which may include resource IDs or time ranges) — users should be careful about where evidence is stored and who can access those files. Overall the credentials requested are appropriate for the task, but their omission from declared requirements is a red flag.
Persistence & Privilege
always:false and no install script that modifies other skills or global agent settings. The skill does write output under its own output/aliyun-sas-manage/ directory (normal). It does not request permanent platform-wide privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install aliyun-sas-manage - After installation, invoke the skill by name or use
/aliyun-sas-manage - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of aliyun-sas-manage:
- Provides tools and workflows for managing Alibaba Cloud Security Center (Sas) using OpenAPI/SDK.
- Supports inventory, configuration updates, status queries, and troubleshooting for Sas resources.
- Guides credential management with environment variables or config files.
- Includes sample scripts for API discovery and quickstart execution.
- Defines output and validation policies for reproducibility and evidence collection.
Metadata
Frequently Asked Questions
What is Aliyun Sas Manage?
Use when managing Alibaba Cloud Security Center (Sas) via OpenAPI/SDK, including the user needs Security Center resource operations, configuration updates, s... It is an AI Agent Skill for Claude Code / OpenClaw, with 84 downloads so far.
How do I install Aliyun Sas Manage?
Run "/install aliyun-sas-manage" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Aliyun Sas Manage free?
Yes, Aliyun Sas Manage is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Aliyun Sas Manage support?
Aliyun Sas Manage is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Aliyun Sas Manage?
It is built and maintained by cinience (@cinience); the current version is v1.0.0.
More Skills