ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Portainer

Comprehensive management for Portainer CE environments and stacks. Supports listing environments, managing Docker Compose/Swarm stacks, and executing raw Docker commands via proxy. Use when the user needs to deploy apps, check container status, or manage networks within Portainer. Requires a Portainer API Key configured in OpenClaw.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 1k · 0 current installs · 0 all-time installs
by@Leventsoft
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The code and SKILL.md implement Portainer management and raw Docker proxying (consistent with the name/description). However the registry metadata lists no required credentials whereas the runtime code requires PORTAINER_API_TOKEN (and optionally PORTAINER_API_URL). The SKILL.md instructs users to set OpenClaw config keys (portainer.apiKey / portainer.url) but the Python script reads environment variables named PORTAINER_API_TOKEN and PORTAINER_API_URL, creating a mismatch that could lead to silent failures or accidental exposure of secrets.
Instruction Scope
The SKILL.md and README limit operations to Portainer API calls (listing environments, stacks, executing proxied Docker API calls). That scope matches the code. However execute_docker_command proxies arbitrary Docker API paths and inspect_stack pulls stack file contents—both operations can expose secrets or perform powerful changes to hosts/containers. The skill also disables TLS verification (verify=False) and suppresses cert warnings, increasing risk when connecting to remote Portainer instances.
!
Install Mechanism
There is no formal install spec (instruction-only), but a Python script is included and README instructs installing Python and pip packages. The package.json incorrectly lists Python libraries ('requests', 'urllib3') as Node dependencies, suggesting sloppy packaging and raising doubt about how the skill will be installed/executed in OpenClaw. No downloads from unknown URLs were found, but the mismatch indicates the packaging/installation story is inconsistent and should be clarified.
!
Credentials
The skill requires a Portainer API token at runtime (PORTAINER_API_TOKEN) and can optionally use a custom PORTAINER_API_URL. The registry metadata lists no required env vars or primary credential, and SKILL.md instructs setting OpenClaw config keys instead of environment variables—this is an incoherence. The token grants high privileges over Docker via Portainer; requesting that secret is proportionate to the feature set but should be explicitly declared in metadata and the README, and the user should be warned to use a minimally-privileged token.
Persistence & Privilege
The skill does not request always:true and doesn't claim to modify other skills or system-wide configuration. It runs as an invoked script (entrypoint) and does not attempt to persist or escalate privileges beyond using the provided Portainer token and URL.
What to consider before installing
Key things to check before installing: - Do not install on production until you verify the credential handling. The Python script expects PORTAINER_API_TOKEN and PORTAINER_API_URL environment variables, but the registry metadata lists none and SKILL.md tells you to set OpenClaw config keys—confirm how your OpenClaw instance maps config keys to environment variables. - Treat the Portainer API token as highly sensitive. Create a token with the minimum privileges required (prefer read-only where possible) and avoid using a full admin token unless absolutely necessary. - Review and test the included scripts in an isolated environment first. The skill proxies arbitrary Docker API calls (can start/stop containers, read files, etc.) and also disables TLS verification (verify=False), which weakens transport security. - Ask the publisher or maintainer to fix packaging inconsistencies: package.json lists Python libraries as Node deps (likely incorrect) and metadata should declare the required credential(s) explicitly (primaryEnv or requires.env). Also request that TLS verification be optional (not disabled by default) and that the code documents where OpenClaw will source the token. - If you can’t verify these issues, avoid granting a real Portainer token. Instead, test using a throwaway Portainer instance with no access to critical hosts/data. Confidence: high that these inconsistencies are real and should be resolved before trusting the skill.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.1.1
Download zip
latestvk97dnr0k5y7sq0bpzg6k6hpp5580qr85

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Portainer Manager Skill

Manage your Docker infrastructure through the Portainer CE HTTP API.

Setup

Add your Portainer API Key to your OpenClaw configuration:

openclaw config set portainer.apiKey "your_token_here"

Functions

  • list_environments(): Retrieves all Portainer environments (endpoints).
  • list_stacks(environment_id): Lists all stacks. Optional: filter by environment ID.
  • inspect_stack(stack_id): Returns full JSON details for a specific stack.
  • deploy_stack(stack_name, compose_content, environment_id): Launches a new Docker Compose stack from a string.
  • remove_stack(stack_id): Deletes a stack by ID.
  • execute_docker_command(environment_id, path, method, payload): Advanced. Proxies raw Docker API requests (e.g., /containers/json) through Portainer.

Files

4 total
Select a file
Select a file to preview.

Comments

Loading comments…