← 返回 Skills 市场
88
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install tencentcloud-tke-skill
功能描述
腾讯云 TKE 容器服务全栈运维专家,支持集群管理、K8s 资源操作、Pod 排障、Helm 部署、TCR 镜像仓库管理
安全使用建议
This skill appears to implement a legitimate TKE + Kubernetes CLI, but the registry metadata fails to declare the sensitive credentials and required binaries the scripts use. Before installing: 1) Review the two Python files (tke_cli.py, k8s_cli.py) yourself or have a trusted reviewer confirm there are no hidden network endpoints or exfiltration logic; 2) Only provide Tencent Cloud credentials with least privilege (scoped, temporary if possible); avoid using your root/owner keys; 3) Be aware the tool will read KUBECONFIG and ~/.kube/config (these contain cluster admin credentials); consider using a dedicated kubeconfig with limited rights; 4) Ensure kubectl and helm are the versions you expect and run the tool in an isolated environment if possible; 5) Ask the author/maintainer to update the skill manifest to declare required env vars (TENCENTCLOUD_SECRET_ID/TENCENTCLOUD_SECRET_KEY), and mention required binaries (kubectl, helm, python) so the metadata accurately reflects runtime needs.
功能分析
Type: OpenClaw Skill
Name: tencentcloud-tke-skill
Version: 1.0.0
The skill bundle provides a legitimate and well-structured set of administrative tools for managing Tencent Kubernetes Engine (TKE) and Kubernetes resources. The Python scripts (tke_cli.py and k8s_cli.py) wrap official Tencent Cloud SDKs and standard binaries (kubectl, helm) to perform cluster operations, registry management, and RBAC configuration. Security practices are observed, such as using subprocess lists to prevent shell injection, setting 0600 permissions on temporary kubeconfig files, and providing dry-run options for destructive actions. No evidence of data exfiltration, unauthorized persistence, or malicious prompt injection was found.
能力标签
能力评估
Purpose & Capability
Name/description describe a Tencent Cloud TKE + Kubernetes operator and the included Python tools (tke_cli.py, k8s_cli.py) implement that functionality. However the registry metadata declares no required env vars or binaries while the SKILL.md and the code clearly require TENCENTCLOUD credentials, kubeconfig (or KUBECONFIG/~/.kube/config) and external binaries (kubectl, helm). The missing declarations are an inconsistency.
Instruction Scope
SKILL.md instructs the agent to run the included Python scripts via Bash and to read environment variables and kubeconfig files. k8s_cli.py will search KUBECONFIG and ~/.kube/config and can fetch kubeconfig via tke_cli.py. Those behaviors are expected for this tool, but the instructions allow access to local kubeconfig files and environment variables that are not declared in the registry metadata, increasing the risk of accidental credential exposure.
Install Mechanism
No install spec (instruction-only) is provided; risk from installation is low. The skill does include code files that will be executed by the agent (Python scripts) but there are no downloads or archive extracts referenced. Users should still review the code before running.
Credentials
The code requires sensitive credentials (TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY) and access to kubeconfig files (which can contain cluster credentials). Those requests are proportionate to the stated purpose, but the registry metadata lists no required env vars — a discrepancy that can mislead users and cause them to supply high-privilege secrets unknowingly. Also kubectl/helm usage implies the ability to modify cluster state (including creating/deleting resources and exec into pods).
Persistence & Privilege
The skill is not always:true and does not request persistent platform-level privileges. It creates temporary kubeconfig files with restrictive file permissions (0o600) when fetching from TKE API. There is no evidence it modifies other skills or system-wide agent settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install tencentcloud-tke-skill - 安装完成后,直接呼叫该 Skill 的名称或使用
/tencentcloud-tke-skill触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
tencentcloud-tke-skill 1.0.0
- Initial release of the TKE StackOps skill for Tencent Cloud container service (TKE)
- Supports full-stack TKE operations via two CLI tools: tke_cli.py (Tencent Cloud API for cluster/TCR management) and k8s_cli.py (Kubernetes cluster resource operations)
- Provides commands for managing clusters, endpoints, node pools, and TCR (container registry) resources
- Allows Kubernetes resource viewing, troubleshooting, and Helm deployments, with flexible kubeconfig and credential handling
- Includes detailed usage examples and dependency requirements for quick onboarding
元数据
常见问题
tencentcloud-tke-skill 是什么?
腾讯云 TKE 容器服务全栈运维专家,支持集群管理、K8s 资源操作、Pod 排障、Helm 部署、TCR 镜像仓库管理. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 88 次。
如何安装 tencentcloud-tke-skill?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install tencentcloud-tke-skill」即可一键安装,无需额外配置。
tencentcloud-tke-skill 是免费的吗?
是的,tencentcloud-tke-skill 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
tencentcloud-tke-skill 支持哪些平台?
tencentcloud-tke-skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 tencentcloud-tke-skill?
由 腾讯开源(@tencent-adm)开发并维护,当前版本 v1.0.0。
推荐 Skills