ClawHub

etcd-manager

v1.0.0

Manage etcd key-value store operations (list, get, put, delete) with safety checks and backup mechanisms. Use when: reading/writing configuration, managing d...

1· 89·0 current·0 all-time
by@fpbear
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the included scripts and SKILL.md. The helper script and test script implement list/get/put/delete and health checks as described.
Instruction Scope
SKILL.md and scripts stay within etcd operational scope (etcdctl calls, backup-before-write, explicit confirmations recommended). The references show examples that write backups to /var/backup/etcd and mention audit logging, but the included scripts only print old values and do not implement persistent backup/log shipping — review whether you need persistent backups or logging before relying on the skill in production.
!
Install Mechanism
The skill is instruction-only (no formal install spec), which is lower risk, but INSTALL.md contains a placeholder/untrusted download example (https://example.com/openclaw-skill-etcd-1.0.0.tar.gz). The package.json lists 'etcdctl' as a dependency (etcdctl is a system binary, not an npm package). These are likely documentation issues but should be corrected to point to authoritative releases and clear installation steps.
Credentials
The skill declares no required environment variables or credentials, which is reasonable. It does use endpoint URLs and optionally TLS cert file paths (CACERT, CERT, KEY_FILE / ETCD_CA_CERT, ETCD_CLIENT_CERT, ETCD_CLIENT_KEY) but treats them as optional; confirm you will provide appropriate TLS files for production clusters. The skill does not request unrelated credentials.
Persistence & Privilege
always:false and no modifications to other skills or global configuration. The skill does not request permanent elevated privileges or automatic inclusion.
Assessment
This etcd-manager skill appears to do what it claims: it runs etcdctl commands with sensible safety rules. Before installing, check three things: (1) fix the INSTALL.md download placeholder and only install packages from a trusted release/source (the README/package.json currently point to example/GitHub placeholders), (2) decide where and how you want backups/audit logs persisted (the scripts only print old values; the docs contain sample backup-to-/var/backup which would require write permissions), and (3) provide TLS cert paths or endpoint credentials for production clusters — the skill expects you to supply them but does not store or request secrets itself. If you need stricter assurance, ask the maintainer for signed release artifacts and a clear install URL and confirm any backup/logging behavior before running in production.

Like a lobster shell, security has layers — review code before you run it.

latestvk97607axxxywffb461sff3pprd83gqq4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments