← 返回 Skills 市场

Alicloud Security Center Sas

Name: Alicloud Security Center Sas
Author: cinience

作者 cinience · GitHub ↗ · v1.0.3 · MIT-0

cross-platform ✓ 安全检测通过

1194

总下载

当前安装

版本数

在 OpenClaw 中安装

/install alicloud-security-center-sas

功能描述

Manage Alibaba Cloud Security Center (Sas) via OpenAPI/SDK. Use whenever the user needs Security Center resource operations, configuration updates, status qu...

使用说明 (SKILL.md)

Category: service

Security Center

Use Alibaba Cloud OpenAPI (RPC) with official SDKs or OpenAPI Explorer to manage resources for Security Center.

Workflow

Confirm region, resource identifiers, and desired action.
Discover API list and required parameters (see references).
Call API with SDK or OpenAPI Explorer.
Verify results with describe/list APIs.

AccessKey priority (must follow)

Environment variables: ALICLOUD_ACCESS_KEY_ID / ALICLOUD_ACCESS_KEY_SECRET / ALICLOUD_REGION_ID Region policy: ALICLOUD_REGION_ID is an optional default. If unset, decide the most reasonable region for the task; if unclear, ask the user.
Shared config file: ~/.alibabacloud/credentials

API discovery

Product code: Sas
Default API version: 2021-01-14
Use OpenAPI metadata endpoints to list APIs and get schemas (see references).

High-frequency operation patterns

Inventory/list: prefer List* / Describe* APIs to get current resources.
Change/configure: prefer Create* / Update* / Modify* / Set* APIs for mutations.
Status/troubleshoot: prefer Get* / Query* / Describe*Status APIs for diagnosis.

Minimal executable quickstart

Use metadata-first discovery before calling business APIs:

python scripts/list_openapi_meta_apis.py

Optional overrides:

python scripts/list_openapi_meta_apis.py --product-code \x3CProductCode> --version \x3CVersion>

The script writes API inventory artifacts under the skill output directory.

Output policy

If you need to save responses or generated artifacts, write them under: output/alicloud-security-center-sas/

Validation

mkdir -p output/alicloud-security-center-sas
for f in skills/security/host/alicloud-security-center-sas/scripts/*.py; do
  python3 -m py_compile "$f"
done
echo "py_compile_ok" > output/alicloud-security-center-sas/validate.txt

Pass criteria: command exits 0 and output/alicloud-security-center-sas/validate.txt is generated.

Output And Evidence

Save artifacts, command outputs, and API response summaries under output/alicloud-security-center-sas/.
Include key parameters (region/resource id/time range) in evidence files for reproducibility.

Prerequisites

Configure least-privilege Alibaba Cloud credentials before execution.
Prefer environment variables: ALICLOUD_ACCESS_KEY_ID, ALICLOUD_ACCESS_KEY_SECRET, optional ALICLOUD_REGION_ID.
If region is unclear, ask the user before running mutating operations.

References

Sources: references/sources.md

安全使用建议

This skill appears to be a straightforward helper for Alibaba Cloud Security Center: it fetches API metadata from api.aliyun.com and guides SDK/API calls. Before installing, note that SKILL.md expects you to provide Alibaba Cloud credentials (ALICLOUD_ACCESS_KEY_ID and ALICLOUD_ACCESS_KEY_SECRET or a ~/.alibabacloud/credentials file) even though the registry metadata did not list them. Only provide least-privilege credentials needed for the operations you want, and avoid running mutating actions without confirming region/resource IDs. If you need absolute assurance, ask the maintainer to update the manifest to declare the expected environment variables and to provide a signed source/homepage.

功能分析

Type: OpenClaw Skill Name: alicloud-security-center-sas Version: 1.0.3 The skill bundle is a legitimate tool for managing Alibaba Cloud Security Center (Sas) via its official OpenAPI. The included Python script (scripts/list_openapi_meta_apis.py) fetches public API metadata from official Alibaba Cloud endpoints (api.aliyun.com) and saves it locally for discovery purposes. While the instructions (SKILL.md) guide the agent to use sensitive credentials (ALICLOUD_ACCESS_KEY_ID), this is standard practice for cloud management tools, and there is no evidence of data exfiltration, malicious execution, or unauthorized access.

能力评估

ℹ Purpose & Capability

Name/description match the included material: SKILL.md and the Python script focus on discovering Sas OpenAPI metadata and guiding SDK/API calls. Minor inconsistency: the registry metadata lists no required environment variables, but the SKILL.md explicitly instructs use of Alibaba Cloud credentials (ALICLOUD_ACCESS_KEY_ID/ALICLOUD_ACCESS_KEY_SECRET and optional ALICLOUD_REGION_ID) and ~/.alibabacloud/credentials — these are reasonable for the stated purpose but should be declared in the manifest.

✓ Instruction Scope

Runtime instructions are scoped to API discovery, calling Alibaba Cloud APIs via SDK/OpenAPI Explorer, and saving artifacts under output/alicloud-security-center-sas/. The README warns to ask before mutating operations and to follow least-privilege credentials. It does not instruct reading unrelated system files or exfiltrating data.

✓ Install Mechanism

No install spec — instruction-only with a small helper script. The included script only performs an HTTPS GET from the official api.aliyun.com metadata endpoints and writes files under the skill output directory; no archives or third-party downloads are performed.

ℹ Credentials

The SKILL.md sensibly requests Alibaba Cloud credentials and an optional region; those are proportionate to managing Sas resources. However, the package metadata did not declare any required env vars or a primary credential, which is an inconsistency the user should be aware of before granting credentials.

✓ Persistence & Privilege

The skill is not forced-always, is user-invocable, and does not request elevated platform persistence or modify other skills. It does not enable autonomous permanent presence beyond normal model invocation.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install alicloud-security-center-sas
安装完成后，直接呼叫该 Skill 的名称或使用 /alicloud-security-center-sas 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.3

batch publish from alicloud-skills on 2026-03-11

v1.0.2

batch publish from alicloud-skills on 2026-02-13

v1.0.1

Initial ClawHub publish for Alibaba Cloud skills with agents metadata.

v1.0.0

Initial ClawHub publish for Alibaba Cloud skills with agents metadata.

元数据

Slug alicloud-security-center-sas

版本 1.0.3

许可证 MIT-0

累计安装 2

当前安装数 2

历史版本数 4

常见问题