Tmp.KeZADKUzFf

Manage ISPConfig servers: automated site provisioning, domains, mailboxes, DNS, databases, SSL, backups, and more.

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 0 · 16 · 0 current installs · 0 all-time installs

byelvatis_com@homeofe

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/description, SKILL.md, openclaw.plugin.json and source code all align: the plugin implements many ISPConfig API calls and legitimately requires an ISPConfig endpoint URL, username, and password. No unrelated cloud credentials, binaries, or config paths are requested.

✓

Instruction Scope

Runtime instructions and SKILL.md focus on configuring the ISPConfig API endpoint and credentials, listing tools, and optional development test env vars. The runtime code only communicates with the configured API, performs validation, and exposes tools; it does not read arbitrary host files or send data to external endpoints other than the configured ISPConfig URL.

✓

Install Mechanism

There is no download/install spec in the registry entry; the package is a typical npm TypeScript plugin (package.json present) with no remote installers or archive downloads. No high-risk install URLs or extract operations are present.

✓

Credentials

The plugin requires only an ISPConfig apiUrl, username, and password (password marked secret). SKILL.md mentions optional env vars for local tests, but the runtime does not request unrelated secrets or multiple external credentials.

✓

Persistence & Privilege

The skill is not declared always:true and does not modify other skills or system-wide settings. It exposes tools that perform network calls to the configured API but does not persist or escalate privileges on the host.

Assessment

This plugin appears to implement exactly what it claims. Before enabling it: 1) verify the plugin's provenance (repository owner and homepage are not provided in the registry metadata) — prefer installing from a trusted npm/GitHub source; 2) supply a remote API user with the minimum necessary ISPConfig permissions (avoid using a full admin account for testing); 3) consider enabling readOnly=true and/or allowedOperations to limit write actions while you validate behavior; and 4) treat the configured password as a secret and store it in the platform's secret storage rather than plain text.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.4.0

Download zip

latestvk97ef5ykdm6ryrt6tysqczj7hd831eyq

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

openclaw-ispconfig

OpenClaw plugin to manage ISPConfig via the Remote JSON API. 31 tools for sites, DNS, mail, databases, cron, and one-command provisioning.

Install

ClawHub

clawhub install openclaw-ispconfig

npm

npm install @elvatis_com/openclaw-ispconfig

ISPConfig setup

In ISPConfig, create a Remote User.
Grant required API permissions.
Copy endpoint URL and credentials.
Configure plugin in OpenClaw.

Configuration

openclaw.plugin.json config keys:

apiUrl (required): ISPConfig JSON API URL
username (required): remote user
password (required, secret): remote password
serverId (default 1): default server id
defaultServerIp (optional): fallback IP for provisioning DNS A record
readOnly (default false): block write tools
allowedOperations (default []): whitelist of tool names
verifySsl (default true): TLS certificate verification

Tools

Read tools

isp_methods_list params: none
isp_system_info params: none
isp_client_list params: optional filter fields
isp_client_get params: client_id
isp_sites_list params: optional filters accepted by sites_web_domain_get
isp_site_get params: primary_id (or site_id, domain_id)
isp_domains_list params: none
isp_dns_zone_list params: user-related filter params
isp_dns_record_list params: zone_id
isp_mail_domain_list params: optional filters
isp_mail_user_list params: optional filters
isp_db_list params: user-related filters
isp_ssl_status params: none
isp_quota_check params: client_id
isp_backup_list params: none (returns skipped if API method unavailable)
isp_cron_list params: optional filters

Write tools

isp_client_add params: ISPConfig client_add payload
isp_site_add params: ISPConfig sites_web_domain_add payload
isp_domain_add params: alias for isp_site_add
isp_dns_zone_add params: ISPConfig dns_zone_add payload
isp_dns_record_add params: include type (A, AAAA, MX, TXT, CNAME) and matching payload
isp_dns_record_delete params: include type and matching delete payload
isp_mail_domain_add params: ISPConfig mail_domain_add payload
isp_mail_user_add params: ISPConfig mail_user_add payload
isp_mail_user_delete params: ISPConfig mail_user_delete payload
isp_db_add params: ISPConfig sites_database_add payload
isp_db_user_add params: ISPConfig sites_database_user_add payload
isp_shell_user_add params: ISPConfig sites_shell_user_add payload
isp_ftp_user_add params: ISPConfig sites_ftp_user_add payload
isp_cron_add params: ISPConfig sites_cron_add payload

Provisioning tool

isp_provision_site
Required params:
- domain
- clientName
- clientEmail
Optional params:
- serverIp
- createMail (default true)
- createDb (default true)
- serverId (default from config)

Workflow:

Create client
Create site with SSL and Let's Encrypt enabled
Create DNS zone
Add DNS records (A, CNAME, SPF TXT, DMARC TXT)
Optionally create mail domain and info@ + admin@ mailboxes
Optionally create DB user and database
Ensure SSL flags are enabled on the site

Safety

readOnly=true blocks all write and provisioning tools
allowedOperations=[...] allows only named tools

Development

npm run build
npm test

For live tests, provide environment variables:

ISPCONFIG_API_URL
ISPCONFIG_USER
ISPCONFIG_PASS

License

MIT

Files

14 total

Select a file

Select a file to preview.

Comments

Loading comments…