← Back to Skills Marketplace
cinience

Alicloud Security Cloudfw

by cinience · GitHub ↗ · v1.0.3 · MIT-0
cross-platform ⚠ suspicious
1178
Downloads
0
Stars
2
Active Installs
4
Versions
Install in OpenClaw
/install alicloud-security-cloudfw
Description
Manage Alibaba Cloud Cloud Firewall (Cloudfw) via OpenAPI/SDK. Use whenever the user requests firewall policy/resource operations, change management, status...
README (SKILL.md)

Category: service

Cloud Firewall

Use Alibaba Cloud OpenAPI (RPC) with official SDKs or OpenAPI Explorer to manage resources for Cloud Firewall.

Workflow

  1. Confirm region, resource identifiers, and desired action.
  2. Discover API list and required parameters (see references).
  3. Call API with SDK or OpenAPI Explorer.
  4. Verify results with describe/list APIs.

AccessKey priority (must follow)

  1. Environment variables: ALICLOUD_ACCESS_KEY_ID / ALICLOUD_ACCESS_KEY_SECRET / ALICLOUD_REGION_ID Region policy: ALICLOUD_REGION_ID is an optional default. If unset, decide the most reasonable region for the task; if unclear, ask the user.
  2. Shared config file: ~/.alibabacloud/credentials

API discovery

  • Product code: Cloudfw
  • Default API version: 2017-12-07
  • Use OpenAPI metadata endpoints to list APIs and get schemas (see references).

High-frequency operation patterns

  1. Inventory/list: prefer List* / Describe* APIs to get current resources.
  2. Change/configure: prefer Create* / Update* / Modify* / Set* APIs for mutations.
  3. Status/troubleshoot: prefer Get* / Query* / Describe*Status APIs for diagnosis.

Minimal executable quickstart

Use metadata-first discovery before calling business APIs:

python scripts/list_openapi_meta_apis.py

Optional overrides:

python scripts/list_openapi_meta_apis.py --product-code \x3CProductCode> --version \x3CVersion>

The script writes API inventory artifacts under the skill output directory.

Output policy

If you need to save responses or generated artifacts, write them under: output/alicloud-security-cloudfw/

Validation

mkdir -p output/alicloud-security-cloudfw
for f in skills/security/firewall/alicloud-security-cloudfw/scripts/*.py; do
  python3 -m py_compile "$f"
done
echo "py_compile_ok" > output/alicloud-security-cloudfw/validate.txt

Pass criteria: command exits 0 and output/alicloud-security-cloudfw/validate.txt is generated.

Output And Evidence

  • Save artifacts, command outputs, and API response summaries under output/alicloud-security-cloudfw/.
  • Include key parameters (region/resource id/time range) in evidence files for reproducibility.

Prerequisites

  • Configure least-privilege Alibaba Cloud credentials before execution.
  • Prefer environment variables: ALICLOUD_ACCESS_KEY_ID, ALICLOUD_ACCESS_KEY_SECRET, optional ALICLOUD_REGION_ID.
  • If region is unclear, ask the user before running mutating operations.

References

  • Sources: references/sources.md
Usage Guidance
This skill appears to be a legitimate Alibaba Cloud Cloudfw helper, but there are transparency gaps you should address before installing or running it: - The SKILL.md expects ALICLOUD_ACCESS_KEY_ID / ALICLOUD_ACCESS_KEY_SECRET and a ~/.alibabacloud/credentials file, yet the registry metadata declares no required credentials — ask the publisher to correct the metadata or explicitly confirm what credentials will be used. - Treat credentials cautiously: provide least-privilege keys (ideally read-only when you first test), and do not expose full admin keys unless you understand and trust the skill. - Because the instructions permit mutating API calls (Create/Update/Modify), require the skill to prompt for explicit user confirmation before performing any non-read-only operation. - The included script only fetches public API metadata from api.aliyun.com and is benign, but the agent runtime (per SKILL.md) may invoke SDKs that use credentials. Verify or request that the skill document a safe default (e.g., dry-run/read-only mode) and a clear confirmation step for changes. - Confirm where outputs will be saved (output/alicloud-security-cloudfw/) and avoid sharing those artifacts if they contain resource identifiers or timestamps you consider sensitive. - Because the source/homepage is unknown, consider reviewing the full skill code and SKILL.md locally, and run it first in an isolated environment with limited credentials. If the publisher updates the registry metadata to declare the required env vars/config paths and adds an explicit confirmation flow for mutating operations, that would increase confidence; until then, proceed cautiously.
Capability Analysis
Type: OpenClaw Skill Name: alicloud-security-cloudfw Version: 1.0.3 The skill bundle is a legitimate tool for managing Alibaba Cloud Firewall (Cloudfw) via official OpenAPI metadata. The primary script, `scripts/list_openapi_meta_apis.py`, safely fetches API documentation from Alibaba Cloud's official metadata endpoint (api.aliyun.com) and saves it locally for the agent's reference, with no evidence of data exfiltration, malicious execution, or prompt injection.
Capability Assessment
Purpose & Capability
The name/description match the code and SKILL.md: this is an Alibaba Cloud Cloudfw management helper. However, SKILL.md explicitly instructs use of ALICLOUD_ACCESS_KEY_ID / ALICLOUD_ACCESS_KEY_SECRET and ~/.alibabacloud/credentials, yet the registry metadata declares no required env vars or config paths. That discrepancy is unexpected and reduces transparency about what privileges the skill will need at runtime.
Instruction Scope
The SKILL.md directs the agent to perform discovery, SDK/OpenAPI calls (including Create/Update/Modify operations) and to use credentials from env vars or the shared credentials file. The included script itself only fetches public API metadata, but the instructions explicitly authorize mutating operations and accessing credential sources (env vars, ~/.alibabacloud/credentials). Those file/env accesses are not reflected in the skill's declared requirements and could lead to credential use that the registry metadata doesn't make obvious.
Install Mechanism
No install spec; the skill is instruction-first and ships a small Python script that fetches public metadata from api.aliyun.com and writes outputs to output/alicloud-security-cloudfw/. No archives or external installers are downloaded or executed.
Credentials
SKILL.md asks for Alibaba Cloud access key/secret and optional region and for reading the shared credentials file, but the skill metadata lists no required env vars or config paths. Requesting full access keys for a skill that could be used only for discovery is reasonable in some contexts, but the missing declaration is disproportionate and reduces user ability to enforce least privilege. The SKILL.md also instructs to include key parameters (region/resource id/time range) in output artifacts, which could leak sensitive identifiers if outputs are shared.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide settings. It writes outputs under its own output directory per the docs, which is normal. There is no install-time persistence mechanism.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install alicloud-security-cloudfw
  3. After installation, invoke the skill by name or use /alicloud-security-cloudfw
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
batch publish from alicloud-skills on 2026-03-11
v1.0.2
batch publish from alicloud-skills on 2026-02-13
v1.0.1
Initial ClawHub publish for Alibaba Cloud skills with agents metadata.
v1.0.0
Initial ClawHub publish for Alibaba Cloud skills with agents metadata.
Metadata
Slug alicloud-security-cloudfw
Version 1.0.3
License MIT-0
All-time Installs 2
Active Installs 2
Total Versions 4
Frequently Asked Questions

What is Alicloud Security Cloudfw?

Manage Alibaba Cloud Cloud Firewall (Cloudfw) via OpenAPI/SDK. Use whenever the user requests firewall policy/resource operations, change management, status... It is an AI Agent Skill for Claude Code / OpenClaw, with 1178 downloads so far.

How do I install Alicloud Security Cloudfw?

Run "/install alicloud-security-cloudfw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Alicloud Security Cloudfw free?

Yes, Alicloud Security Cloudfw is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Alicloud Security Cloudfw support?

Alicloud Security Cloudfw is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Alicloud Security Cloudfw?

It is built and maintained by cinience (@cinience); the current version is v1.0.3.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 Comments