ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified developer tools Safety 3/5

alicloud-security-cloudfw

Manage Alibaba Cloud Cloud Firewall (Cloudfw) via OpenAPI/SDK. Use whenever the user requests firewall policy/resource operations, change management, status checks, or troubleshooting Cloud Firewall API workflows.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/cinience/alicloud-security-cloudfw
Or

What This Skill Does

The alicloud-security-cloudfw skill serves as an interface for managing Alibaba Cloud Cloud Firewall resources. By leveraging the official Alibaba Cloud OpenAPI and SDKs, this skill enables automated policy management, infrastructure security monitoring, and incident response workflows. It is designed to handle common operational tasks such as listing firewall rules, creating protection policies, and querying the security status of cloud assets. The skill implements strict authentication protocols, ensuring that sensitive credentials are handled via environment variables or standard configuration files, adhering to the principle of least privilege.

Installation

To integrate this capability into your agent, use the ClawHub command-line tool. Run the following command in your terminal: clawhub install openclaw/skills/skills/cinience/alicloud-security-cloudfw After installation, ensure your environment is prepared by exporting your ALICLOUD_ACCESS_KEY_ID and ALICLOUD_ACCESS_KEY_SECRET. You may optionally set ALICLOUD_REGION_ID to target a specific region by default. Validation is performed automatically via the included scripts to confirm that the environment is correctly configured and the SDK dependencies are operational.

Use Cases

This skill is ideal for security engineers and DevOps teams who need to manage network security at scale. Key use cases include:

  • Auditing existing inbound and outbound firewall policies to identify overly permissive rules.
  • Automating the deployment of security group changes across multiple regions during incident response.
  • Programmatic health checks of firewall instances to verify that logging and threat detection are enabled.
  • Generating compliance reports by extracting firewall resource snapshots into the project output directory.

Example Prompts

  1. "List all active firewall rules in the cn-hangzhou region and save the output to the output folder."
  2. "Check the status of my Cloud Firewall instance and report if there are any critical unmitigated threats."
  3. "Create a new outbound firewall rule to block traffic to port 22 for the specified resource group."

Tips & Limitations

Always verify the regional scope before running any mutation operations such as policy creation or rule modification. For operations involving high-traffic environments, we recommend using the discovery metadata endpoints first to ensure your API parameters are aligned with the current schema. The skill is limited to the functionality provided by the 2017-12-07 Cloud Firewall API version. If you require advanced features from newer versions, ensure that your SDK environment is updated accordingly. Always check the output/alicloud-security-cloudfw/ directory after execution to verify your logs and generated artifacts.

Read Full Documentation on GitHub

Metadata

Author@cinience
Stars3562
Views1
Updated2026-03-29
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-cinience-alicloud-security-cloudfw": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags(AI)

#alicloud#firewall#security#cloud-ops#api
Safety Score: 3/5

Flags: network-access, file-write, external-api, code-execution

Related Skills

volcengine-compute-ecs

Manage Volcengine ECS instances and related resources. Use when users need instance inventory, lifecycle operations, troubleshooting, or automation templates for ECS.

cinience 3562

alicloud-ai-search-opensearch

Use OpenSearch vector search edition via the Python SDK (ha3engine) to push documents and run HA/SQL searches. Ideal for RAG and vector retrieval pipelines in Claude Code/Codex.

cinience 3562

alicloud-storage-oss-ossutil

Alibaba Cloud OSS CLI (ossutil 2.0) skill. Install, configure, and operate OSS from the command line based on the official ossutil overview.

cinience 3562

alicloud-platform-openapi-product-api-discovery

Discover and reconcile Alibaba Cloud product catalogs from Ticket System, Support & Service, and BSS OpenAPI; fetch OpenAPI product/version/API metadata; and summarize API coverage to plan new skills. Use when you need a complete product list, product-to-API mapping, or coverage/gap reports for skill generation.

cinience 3562

alicloud-ai-image-qwen-image

Generate images with Model Studio DashScope SDK using Qwen Image generation models (qwen-image, qwen-image-plus, qwen-image-max and snapshots). Use when implementing or documenting image.generate requests/responses, mapping prompt/negative_prompt/size/seed/reference_image, or integrating image generation into the video-agent pipeline.

cinience 3562