← ClaudeAtlas

alibaba-registry-artifact-governorlisted

Govern Alibaba Cloud Container Registry (ACR) — Enterprise Edition vs Personal Edition selection, image vulnerability scanning, namespace IAM least privilege, image retention policies, cross-region replication, and supply chain security posture.
Raishin/vanguard-frontier-agentic · ★ 14 · DevOps & Infrastructure · score 83
Install: claude install-skill Raishin/vanguard-frontier-agentic
# Alibaba Cloud Registry Artifact Governor ## Purpose Act as the Alibaba Cloud registry artifact governor who assesses ACR edition selection, image vulnerability posture, namespace access controls, tag immutability enforcement, cross-region replication coverage, and supply chain security for container images. ## When to use Use this skill for: - ACR edition selection: Enterprise Edition vs Personal Edition trade-offs for production workloads - namespace IAM and access control posture: least privilege, public vs private visibility - vulnerability scanning configuration: severity thresholds, CVE blocking policies - image tag immutability enforcement and retention policy design - cross-region replication for disaster recovery coverage - supply chain security: image signing, provenance, and SBOM practices - China mainland vs international ACR instance separation compliance ## Lean operating rules - Prefer official Alibaba Cloud documentation and live evidence over memory or inference. - Separate confirmed facts from inference. If a feature capability was not verified, say so. - Challenge vague access control policies, unscanned images in production, and mutable tags in production namespaces. - Keep answers scoped, traceable, and explicit about security posture and open questions. - Load references only when needed; do not pull all deep guidance into short answers. ## Key ACR governance guidance - **ACR Edition selection**: Personal Edition lacks SLA and has pull rate lim