ClawHub

Azure Infra

v1.0.0

Chat-based Azure infrastructure assistance using Azure CLI and portal context. Use for querying, auditing, and monitoring Azure resources (VMs, Storage, IAM, Functions, AKS, App Service, Key Vault, Azure Monitor, billing, etc.), and for proposing safe changes with explicit confirmation before any write/destructive action.

2· 2.9k·5 current·5 all-time
by@bmdhodl
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md explicitly instructs the agent to use the local Azure CLI (commands like `az account show`, `az login`, and many `az ...` queries). Despite that, the registry metadata declares no required binaries and no primary credential. A legitimate Azure CLI–based skill would normally declare the CLI dependency (and often note it needs Azure credentials); the omission is an inconsistency that could mislead users about what the skill will access.
Instruction Scope
The runtime instructions are narrowly scoped: they default to read‑only Azure CLI queries, require explicit confirmation before write/destructive actions, recommend dry‑runs when available, and do not instruct the agent to read arbitrary local files or call unexpected external endpoints. There is no prose directing exfiltration or broad system probing.
Install Mechanism
This is an instruction‑only skill with no install spec and no code files — low installation risk (nothing is downloaded or written to disk by the skill itself).
!
Credentials
The skill declares no required environment variables or primary credential, yet it will operate using whatever Azure authentication is present in the environment (az CLI access tokens, service principal credentials, or user login). That implicit access to Azure credentials and resources is not surfaced in the metadata; users should be aware the agent can run CLI commands that read or list sensitive cloud resources depending on the identity configured for az.
Persistence & Privilege
The skill does not request persistent/system‑wide privileges, is not always: true, and has no install steps that modify other skills or global agent settings. Autonomous invocation is allowed (the platform default), which increases blast radius if misused, but is not by itself a defect.
What to consider before installing
This skill appears to be a straightforward Azure CLI helper, but the metadata fails to declare the obvious dependency on the Azure CLI and does not call out that it will use whatever Azure credentials are already configured. Before installing or invoking it: (1) verify the skill's source/author and prefer an official publisher; (2) ensure the host's az CLI is present and that you understand which Azure identity (user login or service principal) the agent will use; (3) restrict that identity to least privilege or use a dedicated test subscription if possible; (4) do not allow the agent to execute write/destructive commands without manually reviewing the exact CLI command and confirming execution; (5) if you want stricter control, disable autonomous skill invocation for this skill or require an explicit enable step; and (6) ask the publisher to update metadata to declare the az dependency and explicitly state credential access so the risk is transparent.

Like a lobster shell, security has layers — review code before you run it.

azurevk97bhzvdv59fydnxyyew32fmp1801yxjinfravk97bhzvdv59fydnxyyew32fmp1801yxjlatestvk97bhzvdv59fydnxyyew32fmp1801yxj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments