INWX

v0.2.0

INWX domain registrar management: domain registration, availability check, DNS records, nameservers, DNSSEC, pricing, transfers.

⭐ 0· 390·2 current·2 all-time

byelvatis_com@homeofe

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name, description, manifest, SKILL.md and source files all align: this is an INWX (DomRobot) client exposing read/write domain and DNS operations. The required credentials (username/password and optional otpSecret) are appropriate and declared in openclaw.plugin.json. No unrelated services, binaries, or credentials are requested.

✓

Instruction Scope

SKILL.md and README instruct npm installation and configuring an INWX account, using an OTE sandbox for tests, and describe explicit tools (23 ops). Runtime instructions and code only call the INWX API (via domrobot-client) and accept injected ISPConfig toolsets for optional orchestration; there are no instructions to read arbitrary system files or exfiltrate data to unexpected endpoints.

ℹ

Install Mechanism

Registry lists no install spec (instruction-only at platform level) but the package contains a package.json and SKILL.md instructs npm install @elvatis_com/openclaw-inwx. That will pull the domrobot-client dependency from the npm registry. This is expected for a Node plugin but means code will be fetched from npm at install time — review the npm package/source if you require an audited dependency chain.

✓

Credentials

The plugin asks for an INWX username/password and optional otpSecret via its config manifest (openclaw.plugin.json) — these are proportional to registrar operations. The repository's OTE tests reference environment variables for convenience (INWX_OTE_USERNAME, INWX_OTE_PASSWORD, INWX_OTE_OTP) but those are only for running tests and are not required by the plugin at runtime. No unrelated secrets or broad environment access are requested.

✓

Persistence & Privilege

The skill is not marked always:true and uses the normal model-invocation flow. It does not attempt to modify other skills or global agent settings. The provisioning helper will call injected external toolsets (e.g., isp_provision_site) — this is by design and requires the caller to supply those toolsets.

Assessment

This plugin appears to do exactly what it says: it talks to the INWX API and exposes read and write domain/DNS operations. Before installing and supplying credentials: 1) Only provide an INWX account username/password (and optional 2FA secret) you trust the plugin to use — consider using a dedicated test account or OTE sandbox for initial testing. 2) Use readOnly=true or allowedOperations to limit write capabilities when you only need queries. 3) Installing via npm will pull domrobot-client from the npm registry; if you require strict supply-chain assurance, review the published npm package and its dependencies. 4) If you call provisionDomainWithHosting, note it will invoke whatever ISPConfig toolset you supply — ensure that toolset is trustworthy. If you want additional assurance, run the included unit tests and (safely) the OTE integration tests in an isolated environment first.

Like a lobster shell, security has layers — review code before you run it.

elvatisvk979x47cvpv1r7xqjw11pvdxf581pjbqlatestvk977fdtdnvyjz9bgt99an6abd5821qb8openclawvk979x47cvpv1r7xqjw11pvdxf581pjbqpluginvk979x47cvpv1r7xqjw11pvdxf581pjbq

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

openclaw-inwx

OpenClaw plugin for INWX (InterNetworX) domain registrar automation.

It provides 23 tools for domain lifecycle operations, DNS management, DNSSEC, contact handling, WHOIS, and account checks.

Features

INWX DomRobot JSON-RPC integration via domrobot-client
Environment switch: production or ote
Optional 2FA login support (otpSecret)
Safety controls:
- readOnly blocks all write tools
- allowedOperations allowlist for tool-level policy
TypeScript strict mode

Installation

npm install @elvatis_com/openclaw-inwx

For local development:

npm install
npm run build
npm test

INWX Account Setup

Create or use your INWX account.
Enable API access in INWX account settings.
If 2FA is enabled, provide a shared secret via otpSecret.
For safe testing, use OTE environment (ote.inwx.com).

Plugin Config

{
  "username": "your-inwx-user",
  "password": "your-inwx-password",
  "otpSecret": "optional-2fa-secret",
  "environment": "ote",
  "readOnly": false,
  "allowedOperations": []
}

Tool List

Read Tools

inwx_domain_check
- INWX method: domain.check
- Params: domain (string)
inwx_domain_list
- INWX method: domain.list
- Params: optional filters (object)
inwx_domain_info
- INWX method: domain.info
- Params: domain (string)
inwx_domain_pricing
- INWX method: domain.check
- Params: domain (string) or domains (string[])
inwx_nameserver_list
- INWX method: nameserver.list or domain.info
- Params: optional domain
inwx_dns_record_list
- INWX method: nameserver.info
- Params: domain (string)
inwx_dnssec_list
- INWX method: dnssec.info
- Params: optional filters
inwx_contact_list
- INWX method: contact.list
- Params: optional filters
inwx_whois
- INWX method: domain.whois
- Params: domain (string)
inwx_account_info
- INWX method: account.info
- Params: none

Write Tools

inwx_domain_register
- INWX method: domain.create
- Params: domain, period, contacts, ns
inwx_domain_update
- INWX method: domain.update
- Params: method payload
inwx_domain_delete
- INWX method: domain.delete
- Params: method payload
inwx_domain_transfer
- INWX method: domain.transfer
- Params: method payload
inwx_domain_renew
- INWX method: domain.renew
- Params: method payload
inwx_nameserver_set
- INWX method: domain.update
- Params: domain, ns (string[])
inwx_dns_record_add
- INWX method: nameserver.createRecord
- Params: method payload
inwx_dns_record_update
- INWX method: nameserver.updateRecord
- Params: method payload
inwx_dns_record_delete
- INWX method: nameserver.deleteRecord
- Params: method payload
inwx_dnssec_enable
- INWX method: dnssec.create
- Params: method payload
inwx_dnssec_disable
- INWX method: dnssec.delete
- Params: method payload
inwx_contact_create
- INWX method: contact.create
- Params: method payload
inwx_contact_update
- INWX method: contact.update
- Params: method payload

OTE Test Environment

Set:

{ "environment": "ote" }

This points the client to INWX OTE API endpoint and allows free integration testing without production costs.

Integration with openclaw-ispconfig

This plugin exports provisionDomainWithHosting() for end-to-end domain-to-hosting provisioning. It orchestrates both plugins without a hard dependency:

Domain check - inwx_domain_check
Domain register - inwx_domain_register (skipped if taken or skipRegistration=true)
Nameserver set - inwx_nameserver_set
Hosting provision - isp_provision_site (site, DNS zone, mail, database)

import { buildToolset, provisionDomainWithHosting } from "@elvatis_com/openclaw-inwx";
import ispPlugin from "@elvatis_com/openclaw-ispconfig";

const result = await provisionDomainWithHosting(
  buildToolset(inwxConfig),
  ispPlugin.buildToolset(ispConfig),
  { domain: "example.com", nameservers: ["ns1.host.de"], serverIp: "1.2.3.4", clientName: "Acme", clientEmail: "a@acme.com" },
);

Safety

readOnly=true allows only:
- domain check/list/info/pricing
- nameserver list
- dns record list
- dnssec list
- contact list
- whois
- account info
allowedOperations can restrict to explicit tool names.

Notes

No live tests are included in this repository.
Unit tests use mocks only.

Files

19 total

Select a file

Select a file to preview.

Comments

Loading comments…