Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Caprover Management
v1.0.0. Manage CapRover PaaS instances via API: create/update apps, deploy from Docker image or custom Dockerfile (tar file), configure ports, volumes, env vars, and...
⭐ 0 · 330 · 0 current · 0 all-time
by Thiago Guimarães (@guim4dev)
License: MIT-0. Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign (high confidence)
Purpose & Capability
Name/description align with the included files and instructions: the SKILL.md and scripts/caprover.py implement CapRover API workflows (create/update apps, deploy images/tar builds, configure ports/volumes/env vars, read logs, cluster info). The skill does not request unrelated services or credentials.
Instruction Scope
Runtime instructions and the helper script stay within the scope of CapRover management. Two notable operational choices increase risk but are relevant to the stated purpose: (1) the examples and helper create an SSL context that disables certificate validation (ctx.verify_mode = ssl.CERT_NONE) to accommodate self-signed CapRover instances; (2) the deploy-from-tar workflow intentionally builds images on the CapRover host, which means arbitrary Dockerfile build steps will execute on that host. Both behaviours are expected for this use-case but have security implications.
Install Mechanism
No install spec; this is primarily an instruction + helper script. Nothing is downloaded or installed by the skill itself, lowering installation risk.
Credentials
The registry metadata lists no required env vars or primary credential, which is consistent with not embedding secrets in the skill. However, the tool requires a CapRover admin password (passed to login) at runtime to obtain a token. This credential is necessary for operation but is not declared in metadata. That omission is not dangerous by itself, but users should be aware that they must provide an admin password (or an account with sufficient CapRover privileges) when invoking the skill.
Persistence & Privilege
The skill does not request always:true and does not alter other skills or system-wide agent settings. It requires only runtime invocation and does not persist elevated platform privileges.
Assessment
This skill is coherent for managing CapRover, but review these points before installing:
- You must supply a CapRover admin (or appropriately privileged) password at runtime; do not reuse high-value credentials if you don't trust the target host. The skill metadata doesn't declare a primary credential, so you'll provide it interactively or via your agent's secret store.
- The sample code disables TLS certificate verification to work with self-signed CapRover instances. That makes man-in-the-middle attacks possible if you run the skill over an untrusted network; prefer supplying a valid certificate, or modify the helper to enable verification wherever possible.
- Deploying a .tar.gz causes the CapRover host to build whatever Dockerfile is included. Only deploy builds you trust because build scripts run on the remote host and can be used to escalate or corrupt the host environment.
- The skill warns that setting serviceUpdateOverride to an empty string clears all Swarm overrides (including mounts) — using that incorrectly can cause data loss.
If you intend to use this skill, run it against CapRover instances you control or trust, consider using a limited-permission account instead of the global admin password, and consider editing the helper to enforce TLS validation in environments where valid certs are available.
latest: vk97fr0kcd29mzra6es7gjgezjn823dz9
