← 返回 Skills 市场

Pywayne Aliyun Oss

Name: Pywayne Aliyun Oss
Author: wangyendt

作者 wangyendt · GitHub ↗ · v0.1.0

cross-platform ⚠ suspicious

575

总下载

当前安装

版本数

在 OpenClaw 中安装

/install aliyun-oss-2

功能描述

Manage Aliyun OSS buckets in Python with upload, download, list, read, delete, copy, and move operations supporting authenticated and anonymous access.

使用说明 (SKILL.md)

Pywayne Aliyun OSS

pywayne.aliyun_oss.OssManager provides a comprehensive toolkit for managing Aliyun OSS (Object Storage Service) buckets.

Quick Start

from pywayne.aliyun_oss import OssManager

# Initialize with write permissions
oss = OssManager(
    endpoint="https://oss-cn-xxx.aliyuncs.com",
    bucket_name="my-bucket",
    api_key="your_api_key",
    api_secret="your_api_secret"
)

# Initialize with read-only (anonymous) access
oss = OssManager(
    endpoint="https://oss-cn-xxx.aliyuncs.com",
    bucket_name="my-bucket",
    verbose=False  # Disable verbose output
)

Upload Operations

Upload a local file

oss.upload_file(key="data/sample.txt", file_path="./sample.txt")

Upload text content

oss.upload_text(key="config/settings.json", text='{"key": "value"}')

Upload an image (numpy array)

import cv2
image = cv2.imread("photo.jpg")
oss.upload_image(key="photos/photo.jpg", image=image)

Upload entire directory

oss.upload_directory(local_path="./local_folder", prefix="remote_folder/")

Download Operations

Download a single file

# Preserve directory structure: downloads/data/sample.txt
oss.download_file(key="data/sample.txt", root_dir="./downloads")

# Use only basename: downloads/sample.txt
oss.download_file(key="data/sample.txt", root_dir="./downloads", use_basename=True)

Download files with prefix

oss.download_files_with_prefix(prefix="photos/", root_dir="./downloads")

Download entire directory

oss.download_directory(prefix="photos/", local_path="./downloads")

List Operations

List all keys in bucket

keys = oss.list_all_keys()  # Returns sorted list

List keys with prefix

keys = oss.list_keys_with_prefix(prefix="data/")

List directory contents (first level only)

contents = oss.list_directory_contents(prefix="data/")
# Returns: [("file1.txt", False), ("subdir", True), ...]

Read Operations

Read file content as string

content = oss.read_file_content(key="config/settings.json")

Check if file exists

if oss.key_exists("data/sample.txt"):
    print("File exists")

Get file metadata

metadata = oss.get_file_metadata("data/sample.txt")
# Returns: {'content_length': 1234, 'last_modified': ..., 'etag': ..., 'content_type': ...}

Delete Operations

Delete a single file

oss.delete_file(key="data/sample.txt")

Delete files with prefix

oss.delete_files_with_prefix(prefix="temp/")

Copy and Move Operations

Copy object within bucket

oss.copy_object(source_key="data/original.txt", target_key="backup/original.txt")

Move object within bucket

oss.move_object(source_key="data/temp.txt", target_key="archive/temp.txt")

Important Notes

Write permissions: Upload, delete, copy, and move operations require api_key and api_secret
Anonymous access: Omit api_key and api_secret for read-only access
Directory handling: OSS doesn't have real directories - use prefixes (keys ending with /)
Natural sorting: list_all_keys() and list_keys_with_prefix() use natural sorting by default
Verbose output: All methods print status messages when verbose=True (default)

安全使用建议

This skill documents a Python API for Aliyun OSS but contains no code or install instructions and doesn't declare the API credentials it expects. Before installing or using it: 1) ask the publisher for the package source (PyPI name or GitHub repo) and an explicit install command you can review; 2) do not paste your api_key/api_secret into chat — prefer providing credentials via secure environment variables or a secrets manager; 3) verify the package's provenance and review its code (or use the official aliyun OSS SDK) before allowing the agent to pip-install anything; 4) if you need image uploads, confirm dependencies like opencv-python (cv2) are safe to install. These steps will reduce the chance of the agent fetching or running unexpected third-party code.

功能分析

Type: OpenClaw Skill Name: aliyun-oss-2 Version: 0.1.0 The skill bundle provides a Python toolkit for managing Aliyun OSS, including operations like upload, download, list, delete, copy, and move objects. All described functionalities are standard for a cloud storage management tool. There is no evidence of malicious intent, such as data exfiltration, unauthorized command execution, persistence mechanisms, or prompt injection attempts against the AI agent in the SKILL.md file. The use of API keys for authenticated access is a legitimate requirement for interacting with cloud services.

能力评估

⚠ Purpose & Capability

The described purpose (manage Aliyun OSS with authenticated write and anonymous read) is coherent with the API shown in SKILL.md (endpoint, bucket, api_key/api_secret). However the skill bundle contains no code or install spec for the 'pywayne.aliyun_oss' package it instructs you to import, and the registry metadata lists no required credentials even though write operations require API keys. This mismatch is unexpected.

ℹ Instruction Scope

The runtime instructions are narrowly scoped to OSS operations (upload/download/list/delete/copy/move) and reference only OSS endpoints and local file paths. They do not direct reading unrelated system files or sending data to services outside OSS. However the instructions assume availability of a Python package and optional libraries like cv2 (for images) without telling how to install them; they also show passing api_key/api_secret but give no guidance on secure credential storage or environment variables.

⚠ Install Mechanism

There is no install specification and no code files. SKILL.md expects import of 'pywayne.aliyun_oss', but nothing in the skill provides that module or explains how to obtain it (no pip name, no repository, no instructions). That leaves it unclear whether the agent will attempt to fetch arbitrary third-party code at runtime — an installation step that should be explicit.

⚠ Credentials

The package metadata declares no required environment variables or primary credential, yet SKILL.md explicitly uses api_key and api_secret for write operations. This mismatch means credentials may be requested ad-hoc at runtime or passed in chat, increasing the risk of accidental secret disclosure. The skill does not request unrelated credentials, but its credential handling is under-specified.

✓ Persistence & Privilege

The skill is not marked always:true and does not request persistent system-wide configuration or cross-skill modifications. It is user-invocable and allows autonomous invocation by default (platform standard), which is expected.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install aliyun-oss-2
安装完成后，直接呼叫该 Skill 的名称或使用 /aliyun-oss-2 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v0.1.0

Initial release of pywayne-aliyun-oss, a Python toolkit for Aliyun OSS file management: - Upload files, text, images, and directories to OSS buckets. - Download individual files or entire directories, supporting prefix-based operations. - List keys and directory-like contents with natural sorting. - Read file contents, check existence, and retrieve metadata. - Delete files individually or by prefix. - Copy and move objects within a bucket. - Supports both authenticated (read/write) and anonymous (read-only) access. - Optional verbose output for operation status messages.

元数据

Slug aliyun-oss-2

版本 0.1.0

许可证 —

累计安装 0

当前安装数 0

历史版本数 1

常见问题