← 返回 Skills 市场

Aliyun Sas Manage

Name: Aliyun Sas Manage
Author: cinience

作者 cinience · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install aliyun-sas-manage

功能描述

Use when managing Alibaba Cloud Security Center (Sas) via OpenAPI/SDK, including the user needs Security Center resource operations, configuration updates, s...

使用说明 (SKILL.md)

Category: service

Security Center

Use Alibaba Cloud OpenAPI (RPC) with official SDKs or OpenAPI Explorer to manage resources for Security Center.

Workflow

Confirm region, resource identifiers, and desired action.
Discover API list and required parameters (see references).
Call API with SDK or OpenAPI Explorer.
Verify results with describe/list APIs.

AccessKey priority (must follow)

Environment variables: ALICLOUD_ACCESS_KEY_ID / ALICLOUD_ACCESS_KEY_SECRET / ALICLOUD_REGION_ID Region policy: ALICLOUD_REGION_ID is an optional default. If unset, decide the most reasonable region for the task; if unclear, ask the user.
Shared config file: ~/.alibabacloud/credentials

API discovery

Product code: Sas
Default API version: 2021-01-14
Use OpenAPI metadata endpoints to list APIs and get schemas (see references).

High-frequency operation patterns

Inventory/list: prefer List* / Describe* APIs to get current resources.
Change/configure: prefer Create* / Update* / Modify* / Set* APIs for mutations.
Status/troubleshoot: prefer Get* / Query* / Describe*Status APIs for diagnosis.

Minimal executable quickstart

Use metadata-first discovery before calling business APIs:

python scripts/list_openapi_meta_apis.py

Optional overrides:

python scripts/list_openapi_meta_apis.py --product-code \x3CProductCode> --version \x3CVersion>

The script writes API inventory artifacts under the skill output directory.

Output policy

If you need to save responses or generated artifacts, write them under: output/aliyun-sas-manage/

Validation

mkdir -p output/aliyun-sas-manage
for f in skills/security/host/aliyun-sas-manage/scripts/*.py; do
  python3 -m py_compile "$f"
done
echo "py_compile_ok" > output/aliyun-sas-manage/validate.txt

Pass criteria: command exits 0 and output/aliyun-sas-manage/validate.txt is generated.

Output And Evidence

Save artifacts, command outputs, and API response summaries under output/aliyun-sas-manage/.
Include key parameters (region/resource id/time range) in evidence files for reproducibility.

Prerequisites

Configure least-privilege Alibaba Cloud credentials before execution.
Prefer environment variables: ALICLOUD_ACCESS_KEY_ID, ALICLOUD_ACCESS_KEY_SECRET, optional ALICLOUD_REGION_ID.
If region is unclear, ask the user before running mutating operations.

References

Sources: references/sources.md

安全使用建议

This skill appears to be a legitimate Alibaba Cloud Security Center helper, but the package metadata fails to declare that it needs your ALICLOUD_ACCESS_KEY_ID and ALICLOUD_ACCESS_KEY_SECRET (or ~/.alibabacloud/credentials). Before installing: 1) confirm the publisher/source and ask them to update the registry to list required env vars; 2) use least-privilege or temporary Alibaba Cloud credentials (do not use root keys); 3) run the skill in an isolated environment or container if possible; 4) review output/aliyun-sas-manage/ after runs and avoid writing long-lived secrets or full credential files into that directory; 5) if you need to allow autonomous agent invocation, be aware the agent could perform API calls using provided credentials — only grant permissions required for the specific operations.

功能分析

Type: OpenClaw Skill Name: aliyun-sas-manage Version: 1.0.0 The skill bundle is a legitimate tool for managing Alibaba Cloud Security Center (Sas) via its OpenAPI. The included script 'scripts/list_openapi_meta_apis.py' safely fetches API metadata from official Alibaba Cloud endpoints (api.aliyun.com) to assist the agent in discovering available operations, and the credential handling instructions in 'SKILL.md' follow standard cloud security practices.

能力评估

ℹ Purpose & Capability

The name/description align with the included script and instructions: this is a tool for discovering and calling Alibaba Cloud Security Center (Sas) OpenAPI. Requiring Alibaba Cloud credentials is expected for the purpose. However the registry metadata lists no required environment variables or primary credential while SKILL.md explicitly expects ALICLOUD_ACCESS_KEY_ID / ALICLOUD_ACCESS_KEY_SECRET and optionally ALICLOUD_REGION_ID (or ~/.alibabacloud/credentials), which is an inconsistency between claimed requirements and actual instructions.

⚠ Instruction Scope

SKILL.md instructs the agent to use SDK/OpenAPI with cloud credentials, run the included script that fetches metadata from api.aliyun.com, and save artifacts and 'key parameters' (region/resource id/time range) to output/. Saving these parameters may persist sensitive identifiers. The instructions also give the agent discretion to pick a region if environment variables are unset, which is vague and broad. The instructions do not ask for unrelated system files, and the script itself only fetches public OpenAPI metadata, but the overall guidance to include credential-sourced operations and evidence files increases risk if credentials or sensitive identifiers are mishandled.

✓ Install Mechanism

Instruction-only skill with a small Python script; no install spec, no downloads, no archive extraction. The included script uses urllib to GET official api.aliyun.com metadata — this is low install risk.

⚠ Credentials

SKILL.md requires Alibaba Cloud access keys (env vars or shared credentials file) which are proportional to managing SAS. But the registry metadata did not declare these required env vars or a primary credential, creating a transparency gap. The instructions also request writing 'key parameters' to disk (which may include resource IDs or time ranges) — users should be careful about where evidence is stored and who can access those files. Overall the credentials requested are appropriate for the task, but their omission from declared requirements is a red flag.

✓ Persistence & Privilege

always:false and no install script that modifies other skills or global agent settings. The skill does write output under its own output/aliyun-sas-manage/ directory (normal). It does not request permanent platform-wide privileges.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install aliyun-sas-manage
安装完成后，直接呼叫该 Skill 的名称或使用 /aliyun-sas-manage 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of aliyun-sas-manage: - Provides tools and workflows for managing Alibaba Cloud Security Center (Sas) using OpenAPI/SDK. - Supports inventory, configuration updates, status queries, and troubleshooting for Sas resources. - Guides credential management with environment variables or config files. - Includes sample scripts for API discovery and quickstart execution. - Defines output and validation policies for reproducibility and evidence collection.

元数据

Slug aliyun-sas-manage

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题