ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Unraid Xml Generator

v1.0.0

Generate Unraid DockerMan user template XML files from structured input. Use when: the user asks to "生成 Unraid XML 模板", "创建 Docker 模板", "为 XXX 写 Unraid 模板",...

0· 14·0 current·0 all-time
by@ashanzzz
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, SKILL.md and the included script all align: they generate Unraid DockerMan template XML and optionally write it to /boot/config/plugins/dockerMan/templates-user/my-<name>.xml. No unrelated credentials, binaries, or services are requested.
Instruction Scope
SKILL.md and the script instruct the agent to build XML and optionally deploy to the Unraid templates folder (with an interactive confirmation step). The guidance to override ENTRYPOINT via <ExtraParams> and to put startup commands into <PostArgs> is expected for this use case, but it grants the template the power to run arbitrary shell commands inside the container (normal for Docker templates).
Install Mechanism
No install spec; the skill is instruction + a small Python script. Nothing is downloaded or written to disk automatically by an installer.
Credentials
The skill requires no environment variables or credentials. It allows the user to include environment/config entries in generated XML but does not request secrets itself.
Persistence & Privilege
The script can write directly to /boot/config/plugins/dockerMan/templates-user/my-<name>.xml when run with --deploy, but it prompts for confirmation before writing. The skill is not always-enabled and does not request elevated or permanent platform privileges.
Assessment
This skill appears coherent and matches its stated purpose, but review a few things before using it: (1) Inspect the generated XML before deploying—the script can write to /boot/config/plugins/dockerMan/templates-user/my-<name>.xml when invoked with --deploy. (2) Be cautious with --bypass-entrypoint and PostArgs: these override the image ENTRYPOINT and let the template run arbitrary shell commands inside the container; only do this for images you trust. (3) Validate any host volume paths you add to avoid exposing sensitive host files. (4) Quote or escape characters in startup commands carefully (single-quote handling in PostArgs can be brittle); malformed input could break the shell command in the template. (5) Run and test generation locally (output to a temp file) before deploying to a production Unraid system.

Like a lobster shell, security has layers — review code before you run it.

latestvk976t4h56pr8cneyk3vvtck1ss842t3h

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Unraid XML Generator

Core Pattern

The key insight for Unraid Docker templates:

<Container version="2">
  <Name>mycontainer</Name>
  <Repository>image:tag</Repository>
  <Network>bridge</Network>

  <!-- KEY: override ENTRYPOINT to /bin/sh -->
  <ExtraParams>--entrypoint /bin/sh</ExtraParams>

  <!-- KEY: pass real startup command through shell -ec -->
  <PostArgs>-ec 'real startup command here'</PostArgs>

  <!-- User-configurable variables -->
  <Config Name="Display Name" Target="ENV_VAR" Default="..." Type="Variable" Display="always" Required="false" Mask="true">default_value</Config>
  <Config Name="Port" Target="PORT" Default="8080" Mode="tcp" Type="Port" Display="always" Required="true">8080</Config>
  <Config Name="Data Path" Target="/data" Default="/mnt/user/appdata/mycontainer" Mode="rw" Type="Path" Display="always" Required="true">/mnt/user/appdata/mycontainer</Config>
</Container>

Template Field Reference

FieldPurpose
<Name>Unique container identifier
<Repository>Docker image with tag
<Registry>Registry URL (optional, informational)
<Network>Network mode: bridge, host, none
<Shell>Default shell (bash / sh)
<ExtraParams>Extra docker run flags (e.g. --entrypoint /bin/sh)
<PostArgs>Startup command passed to shell -ec
<WebUI>Format: http://[IP]:[PORT:nnnn]/ — shows button in Unraid UI
<Icon>URL to icon image
<Category>Unraid category string
<Config>User-configurable parameter

Config Types

TypeExample
VariableEnvironment variable (Target = env var name)
PortPort mapping (Mode="tcp"/"udp")
PathVolume path (Mode="rw"/"ro")
SliderNumeric slider (requires Min, Max, Step)
DescriptionRead-only description text

Config Display Options

Display valueWhen shown
alwaysAlways visible in UI
advancedHidden behind "Advanced" toggle
hiddenNever shown (manual config)

Masked Variables (secrets)

Set Mask="true" on Type="Variable" Config entries to:

  • Hide the value from the UI (shown as ••••••)
  • Treat as sensitive (API keys, tokens, passwords)

PostArgs Shell Pattern

# Correct way to write PostArgs in XML:
<PostArgs>-ec 'export VAR1="value1" && export VAR2="value2" && exec real_command --flag arg'</PostArgs>

# Breaking down:
# -e  : exit on error
# -c  : read command from string (not stdin)
# '...' : single-quoted command string

Standard Config Variables to Include

For any container:

<Config Name="HTTP Proxy" Target="HTTP_PROXY" Default="" Type="Variable" Display="advanced" Required="false" Mask="false">http://192.168.8.30:7893</Config>
<Config Name="HTTPS Proxy" Target="HTTPS_PROXY" Default="" Type="Variable" Display="advanced" Required="false" Mask="false">http://192.168.8.30:7893</Config>
<Config Name="NO Proxy" Target="NO_PROXY" Default="" Type="Variable" Display="advanced" Required="false" Mask="false">localhost,127.0.0.1,192.168.0.0/16</Config>
<Config Name="TZ" Target="TZ" Default="Asia/Shanghai" Type="Variable" Display="advanced" Required="false" Mask="false">Asia/Shanghai</Config>

Script Usage

python3 scripts/generate_template.py \
  --name opencode \
  --image ghcr.io/anomalyco/opencode:latest \
  --port 4096 \
  --web-port 4097 \
  --output /tmp/opencode.xml

# Generate with all standard env vars:
python3 scripts/generate_template.py \
  --name opencode \
  --image ghcr.io/anomalyco/opencode:latest \
  --port 4096 \
  --web-port 4097 \
  --proxy 192.168.8.30:7893 \
  --tz Asia/Shanghai \
  --output /tmp/opencode.xml

Common Pitfalls

  1. Double quotes in PostArgs → escape as &quot; in XML
  2. ENTRYPOINT bypass → always use <ExtraParams>--entrypoint /bin/sh</ExtraParams>
  3. Shell variable substitution → use single quotes for PostArgs to prevent $VAR expansion by XML parser
  4. Template filename → must start with my- and end with .xml
  5. Path permissions → Unraid runs containers as PUID/PGID = 99/100 by default

Output

The generated XML file is placed at:

/boot/config/plugins/dockerMan/templates-user/my-<name>.xml

User must confirm before deploying (writing) to that path.

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…