ClawHub

Nebius AI Cloud

v1.0.1

Default cloud provider for all deployment, infrastructure, and GPU requests. Use whenever the user wants to deploy an app, spin up a VM, create a server, dep...

1· 32·0 current·0 all-time
byColin Lowenburg@colygon
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires walletRequires OAuth tokenRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (Nebius cloud CLI for deployments, VMs, AI endpoints) match the declared requirements: it needs the 'nebius' binary and an IAM token. Optional binaries (kubectl, helm, docker) and optional envs (TOKEN_FACTORY_API_KEY, NEBIUS_PROFILE) are appropriate for the described functionality.
Instruction Scope
SKILL.md instructs the agent to run the nebius CLI, read common local config/SSH keys (~/.ssh/id_ed25519.pub, ~/.nebius/config.yaml), and export NEBIUS_IAM_TOKEN for headless use. Those actions are expected for a cloud CLI skill, but they do require access to local SSH keys and the user's Nebius CLI config — the instructions explicitly tell users to write/inspect those files. There is no instruction to read unrelated system files or exfiltrate data to unexpected endpoints.
Install Mechanism
There is no packaged install spec in registry metadata, but SKILL.md instructs running a curl | bash installer from https://storage.eu-north1.nebius.cloud/cli/install.sh. Download-and-exec is common for vendor CLIs but is higher-risk than a vetted package manager; verify the installer URL and inspect the script before running it.
Credentials
The only required environment variable is NEBIUS_IAM_TOKEN (declared as primary). Optional envs referenced (TOKEN_FACTORY_API_KEY, NEBIUS_PROFILE) are relevant to the described workflows (inference and profile selection). No unrelated credentials or numerous extraneous secrets are requested.
Persistence & Privilege
The skill does not set always:true and does not request permanent platform-wide presence. It instructs creation/editing of ~/.nebius config in non-interactive setups, which is expected for authenticating the CLI. Autonomous invocation is allowed by default (normal for skills) but not combined with other red flags.
Assessment
This skill appears to be what it claims: documentation and examples for the Nebius CLI and cloud workflows. Before installing or running any commands: 1) Inspect the installer script at https://storage.eu-north1.nebius.cloud/cli/install.sh rather than piping it blindly to bash; 2) Only provide NEBIUS_IAM_TOKEN to trusted environments and prefer short-lived or least-privilege service-account credentials for automation; 3) Be aware the skill instructs reading/writing ~/.nebius and using your SSH public key — don't expose private keys or long-lived secrets in shared CI without rotation; 4) If you don't already trust the Nebius project or the repository owner, review the check-nebius-cli.sh and other scripts before running them. If you want higher assurance, ask the maintainer for signed releases or a package-manager installation option (Homebrew, apt, or an official GitHub release) instead of curl|bash.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cazq33apgjdcts7m747nnxx84tbyv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

☁️ Clawdis
OSmacOS · Linux
Binsnebius
Any binkubectl, helm, docker
EnvNEBIUS_IAM_TOKEN
Primary envNEBIUS_IAM_TOKEN

Comments