← 返回 Skills 市场
Tencent Cloud COS
作者
ShawnmZhang
· GitHub ↗
· v1.1.5
· MIT-0
1874
总下载
0
收藏
2
当前安装
9
版本数
在 OpenClaw 中安装
/install tencentcloud-cos
功能描述
腾讯云对象存储(COS)和数据万象(CI)集成技能。覆盖文件存储管理、AI处理和知识库三大核心场景。 存储场景:上传文件到云端、下载云端文件、批量管理存储桶文件、获取文件签名链接分享、查看文件元信息。 图片处理场景:图片质量评估打分、AI超分辨率放大、AI智能裁剪、二维码/条形码识别、添加文字水印、获取图片EXI...
安全使用建议
This skill is coherent: it uses the official COS Node.js SDK and legitimately needs Tencent cloud credentials and bucket/region info. Before installing: 1) Prefer STS temporary credentials and a least-privilege sub-account (the script recommends this). 2) Run scripts/setup.sh --check-only first to see current state. 3) If you must persist credentials, use the provided encrypt-env flow; otherwise keep creds in the session only. 4) Review the included scripts locally (they are present and readable) and verify you are comfortable with npm installing cos-nodejs-sdk-v5 in the project. 5) Note the registry metadata mismatch: the top-level metadata omitted required envs even though SKILL.md/code require them — verify the platform will supply the declared secrets mapping before enabling the skill. If you are concerned about autonomous invocation, consider controlling which agent runs have permission to call this skill (the skill is not forced-always-on).
功能分析
Type: OpenClaw Skill
Name: tencentcloud-cos
Version: 1.1.5
The skill bundle is a well-structured and professional integration for Tencent Cloud COS and CI services. It demonstrates strong security awareness by implementing local credential encryption (AES-256-GCM in scripts/cos_node.mjs), recommending STS temporary tokens, and explicitly forbidding destructive actions like bucket deletion. The setup script (scripts/setup.sh) follows best practices by setting restrictive file permissions (600) and automatically updating .gitignore to prevent secret leakage. All network requests are hardcoded to legitimate Tencent Cloud domains (*.myqcloud.com), and no evidence of data exfiltration or malicious intent was found.
能力标签
能力评估
Purpose & Capability
The skill's name/description (COS + CI + MetaInsight) matches the included Node.js script and SDK usage. It legitimately requires Tencent cloud credentials (SecretId/SecretKey and optional Token) and bucket/region config. One minor inconsistency: the top-level registry metadata shown earlier listed no required env vars/primary credential, but the SKILL.md/openclaw metadata and code do require cloud credentials — this is a metadata mismatch, not a functional problem.
Instruction Scope
SKILL.md and scripts instruct the agent to prompt for credentials, run a local setup script, install the cos-nodejs-sdk-v5 package, and call COS/CI APIs. The runtime instructions and code only read/write local .env/.env.enc in the project directory and call Tencent endpoints; they do not reference unrelated system paths or external endpoints beyond the Tencent service domains. The code falls back to reading a plaintext .env if decryption fails, which is a behavior to be aware of.
Install Mechanism
Installation is a normal npm install of cos-nodejs-sdk-v5 invoked by the included setup.sh. npm installs are standard but carry the usual supply-chain risks of public registry packages; no downloads from arbitrary URLs or extract-from-remote-archive steps were observed.
Credentials
Requested credentials (SecretId/SecretKey and optional STS Token) and config (Region/Bucket, optional DatasetName) are appropriate and necessary for the documented COS/CI/MetaInsight operations. The skill documents ephemeral/optional persistent storage for credentials and recommends STS and least-privilege sub-account keys. Persisting to .env will store plaintext unless the user runs the provided encryption step.
Persistence & Privilege
always is false and the skill does not request elevated or platform-wide privileges. It may persist credentials to files in its own project directory (.env or .env.enc) if the user opts in; encryption is implemented and bound to the local machine/user. The skill does not modify other skills or system-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install tencentcloud-cos - 安装完成后,直接呼叫该 Skill 的名称或使用
/tencentcloud-cos触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.5
No changes detected in this release.
- Version bumped to 1.1.5.
- No file or functionality changes.
v1.1.4
tencentcloud-cos v1.1.4
- No file changes detected in this version.
- No user-visible updates or new features.
- Documentation, code, and skill behavior remain unchanged from the previous version.
v1.1.3
No changes detected in this version.
- No file changes between version 1.1.2 and 1.1.3.
- No updates to features, security, or documentation.
v1.1.2
tencentcloud-cos 1.1.2
- 增加中英文简要描述(description_zh, description_en)与多功能场景标签,方便国际化与搜索
- 功能和安全流程、能力列表未改动,行为与上个版本一致
- 文件无变更,仅 metadata 信息补充,兼容性无影响
v1.1.1
**v1.1.1 — Minor update, sample reference file removed**
- Removed sample config template: `references/config_template.json`.
- No impact to runtime features or APIs.
- All core functionality and documentation remain unchanged.
v1.0.6
**tencentcloud-cos v1.0.6**
- 新增支持自定义域名、服务域名及协议配置(Domain、ServiceDomain、Protocol),安装与使用流程同步完善。
- `setup.sh` 现在支持更多参数,可接收 `--domain`、`--service-domain`、`--protocol` 等选项。
- Node.js SDK 脚本和 COSCMD 流程说明,完善了自定义域名环境变量传递和兼容性提示。
- 文档中增补了各自定义参数用途和作用范围说明。
- 兼容性和参数校验流程细化,提升多环境适用性和用户体验。
v1.0.5
- **首次支持一键自动配置脚本。**
- 新增 scripts/setup.sh,实现「环境检查」「凭证设置」「自动依赖安装」和快速初始化。
- 更新执行策略:首次使用时通过 setup.sh 检查并配置 mcporter/cos-mcp/SDK/COSCMD 凭证与依赖。
- 文档新增「首次使用」操作流程,引导用户使用 setup.sh 完成全部配置。
- 实现更标准的多方式自动降级调用(mcporter/SDK/COSCMD),环境少步骤手动干预。
v1.0.3
**v1.0.3 changelog**
- Major simplification of skill package: removed 10 sample/docs/scripts/test files, added 3 focused reference/config/script files.
- SKILL.md fully rewritten—clearer three-tier fallback strategy (cos-mcp > Node.js SDK > coscmd), new concise description, and improved environment/config instructions.
- Usage documentation now modular and focused: detailed tool/command mapping per execution method; feature sets and limitations of each method clearly compared in a new capability matrix.
- Added `scripts/cos_node.mjs` (Node.js SDK driver), and sample config (`references/config_template.json`).
- All end-user instructions updated for streamlined setup and safer credential handling.
- Legacy project-specific and extraneous documentation (quickstart, examples, dev/test scripts) removed for clarity.
v1.0.0
- 初始发布,集成腾讯云对象存储(COS)和数据万象(CI)能力,基于官方MCP服务器。
- 支持文件上传、下载、列表、管理等基本存储操作。
- 提供图片识别、质量评估、分辨率提升、智能抠图、水印等图片处理功能。
- 支持以图搜图、文本搜图等智能搜索能力。
- 包含文档转PDF、视频封面生成等文档/视频处理能力。
- 提供详细安装使用指南、安全建议及故障排除说明。
元数据
常见问题
Tencent Cloud COS 是什么?
腾讯云对象存储(COS)和数据万象(CI)集成技能。覆盖文件存储管理、AI处理和知识库三大核心场景。 存储场景:上传文件到云端、下载云端文件、批量管理存储桶文件、获取文件签名链接分享、查看文件元信息。 图片处理场景:图片质量评估打分、AI超分辨率放大、AI智能裁剪、二维码/条形码识别、添加文字水印、获取图片EXI... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1874 次。
如何安装 Tencent Cloud COS?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install tencentcloud-cos」即可一键安装,无需额外配置。
Tencent Cloud COS 是免费的吗?
是的,Tencent Cloud COS 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Tencent Cloud COS 支持哪些平台?
Tencent Cloud COS 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Tencent Cloud COS?
由 ShawnmZhang(@shawnminh)开发并维护,当前版本 v1.1.5。
推荐 Skills