aliyun-openclaw-setup

The skill’s capabilities mostly match its stated deployment purpose, so it is not fundamentally deceptive. However, it carries medium-high security risk because it combines root SSH access, remote install-and-execute steps, plugin installation from npm/GitHub, and instructions to derive executable steps from external documentation before applying them on a host.