← Back to Skills Marketplace

TencentCloud COS Storage

Name: TencentCloud COS Storage
Author: ugpoor

by superStupidBear · GitHub ↗ · v1.1.0 · MIT-0

cross-platform ⚠ suspicious

139

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install tencentcloud-cos-storage

Description

Manage Tencent Cloud COS buckets and files, supporting bucket creation, file upload/download, lifecycle policies, access control, and cost optimization.

Usage Guidance

This skill appears to implement Tencent COS management code that expects TENCENT_SECRET_ID and TENCENT_SECRET_KEY in a .env, but the registry metadata did not declare those required environment variables — treat that as a red flag. Before installing: 1) Verify the skill source and author (homepage/source unknown). 2) Prefer creating a Tencent sub-user with least-privilege COS actions (limit to specific buckets and operations rather than broad cos:*). 3) Inspect the code (already included) yourself or run it in an isolated environment. 4) Avoid running pip with --break-system-packages on production machines; consider using a virtualenv. 5) Store .env secrets securely and rotate keys if you decide to remove the skill. If you need higher assurance, ask the publisher to update registry metadata to declare required env vars and to correct any incorrect action strings (e.g., 'name/cos:*') so permission requests are explicit and minimal.

Capability Analysis

Type: OpenClaw Skill Name: tencentcloud-cos-storage Version: 1.1.0 The skill bundle is a legitimate management tool for Tencent Cloud Object Storage (COS). It provides functionality for bucket lifecycle management, file transfers, and cost estimation using the official 'qcloud_cos' SDK. The code in 'src/cos_manager.py' and instructions in 'SKILL.md' are well-documented, follow standard cloud management patterns (e.g., using environment variables for credentials), and contain no evidence of data exfiltration, malicious execution, or prompt-injection attacks.

Capability Assessment

ℹ Purpose & Capability

The name, description, SKILL.md, and included Python code all align with a Tencent Cloud COS management tool (bucket and object operations, lifecycle, cost estimates). However the registry metadata claims 'Required env vars: none' and 'Primary credential: none' while the code reads TENCENT_SECRET_ID and TENCENT_SECRET_KEY — this mismatch is unexpected.

✓ Instruction Scope

The SKILL.md and code confine actions to COS operations and local config handling: installing the COS SDK, placing credentials in a .env, creating/deleting buckets, uploading/downloading objects, lifecycle rules, and cost estimation. The docs reference running tccli/verification commands and pinging COS endpoints for troubleshooting; those are consistent with cloud storage tooling and the code. There are no instructions to read unrelated system files or to transmit data to unknown third‑party endpoints.

ℹ Install Mechanism

There is no formal install spec in the registry (instruction-only install). SKILL.md tells users to pip install cos-python-sdk-v5 and python-dotenv (via --break-system-packages). Installing runtime packages from PyPI is normal, but the explicit --break-system-packages flag can alter system package boundaries and should be used with caution.

⚠ Credentials

The code requires Tencent API credentials (TENCENT_SECRET_ID / TENCENT_SECRET_KEY) and region/config env vars, which are appropriate for the stated purpose — but the registry metadata fails to declare them as required. SKILL.md suggests granting broad COS permissions (action pattern shown as 'name/cos:*' which appears incorrect/overbroad). Requesting full COS privileges is proportionate to admin operations but users should prefer narrowly scoped sub-user keys with least privilege. The metadata omission (no declared required env) is the primary concern.

✓ Persistence & Privilege

The skill is not forced-always and does not request any agent-wide persistent privileges. It does not modify other skills' configs in the provided files. Autonomous invocation is allowed by default; that is normal but increases blast radius if credentials are compromised, so credentials should be scoped appropriately.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install tencentcloud-cos-storage
After installation, invoke the skill by name or use /tencentcloud-cos-storage
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.1.0

恢复中文内容，仅技能名称使用英文

v1.0.0

Tencent Cloud COS object storage management - Updated to English, removed OKX references

Metadata

Slug tencentcloud-cos-storage

Version 1.1.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 2

Frequently Asked Questions

What is TencentCloud COS Storage?

Manage Tencent Cloud COS buckets and files, supporting bucket creation, file upload/download, lifecycle policies, access control, and cost optimization. It is an AI Agent Skill for Claude Code / OpenClaw, with 139 downloads so far.

How do I install TencentCloud COS Storage?

Run "/install tencentcloud-cos-storage" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is TencentCloud COS Storage free?

Yes, TencentCloud COS Storage is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does TencentCloud COS Storage support?

TencentCloud COS Storage is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created TencentCloud COS Storage?

It is built and maintained by superStupidBear (@ugpoor); the current version is v1.1.0.

More Skills