Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
oVirt MCP Server
v0.1.0Manage oVirt/RHV virtualization infrastructure via MCP. Provides 186 tools for VMs, hosts, clusters, networks, storage, templates, snapshots, disks, events,...
⭐ 0· 67·0 current·0 all-time
byJoey@imjoey
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill's name/description match its documented capabilities (managing oVirt/RHV via MCP). However the registry metadata declares no required environment variables or credentials while the SKILL.md clearly instructs setting OVIRT_ENGINE_URL, OVIRT_ENGINE_USER, and OVIRT_ENGINE_PASSWORD to operate — a mismatch between declared requirements and actual needed capabilities.
Instruction Scope
SKILL.md is focused on oVirt operations (VMs, hosts, storage, RBAC, etc.) and does not ask the agent to read unrelated host files. It does, however, instruct installing and running an external MCP server process (ovirt-engine-mcp) and shows embedding credentials in JSON config examples — both of which expand runtime scope and raise operational/credential-handling concerns.
Install Mechanism
The registry lists no install spec, but SKILL.md tells users/agents to pip install a package (ovirt-engine-mcp-server) or clone a GitHub repo. That means the skill relies on third-party code fetched at install/run time even though no install mechanism was declared in metadata — this discrepancy increases risk because the runtime will depend on external packages and source code that the registry metadata did not surface.
Credentials
No required env vars are declared in the registry, yet SKILL.md requires OVIRT_ENGINE_URL, OVIRT_ENGINE_USER, and OVIRT_ENGINE_PASSWORD (and provides examples). Requesting an admin password is reasonable for managing oVirt, but omitting these from declared requirements is an incoherence and means users might not realize they must supply sensitive credentials. The examples also show putting passwords in JSON configs — avoid embedding secrets in config files.
Persistence & Privilege
always:false (good). The instructions run a long-lived MCP server (ovirt-engine-mcp) that receives JSON-RPC over stdio; this is expected for MCP integration but does create a persistent local process that will hold credentials and network access. That persistent presence is not declared in metadata and could expose credentials if the service is misconfigured or run in an untrusted environment.
What to consider before installing
This skill is documentation for an oVirt MCP server and is not itself code, but the SKILL.md instructs installing and running external software that requires oVirt credentials. Before installing or running: 1) Verify the upstream package/repository (PyPI package and GitHub repo) and review its source; 2) Treat OVIRT_ENGINE_PASSWORD as a secret — use environment variables or a secrets manager, do not embed passwords in JSON config files; 3) Run the MCP server in an isolated environment (sandbox/container) if you don't fully trust the package; 4) Prefer least-privilege oVirt account for automation (avoid full admin credentials where possible); 5) If you expect automated agent invocation, confirm that exposing a local MCP server and its RPC interface is acceptable in your environment; 6) Ask the skill author or registry maintainer why required env vars and install steps were omitted from the declared metadata — this mismatch is the primary reason for caution.Like a lobster shell, security has layers — review code before you run it.
devopsvk97da7529bsps0qd83x98ekha983xv0dlatestvk97da7529bsps0qd83x98ekha983xv0dmcpvk97da7529bsps0qd83x98ekha983xv0dovirtvk97da7529bsps0qd83x98ekha983xv0drhvvk97da7529bsps0qd83x98ekha983xv0dvirtualizationvk97da7529bsps0qd83x98ekha983xv0d
License
MIT-0
Free to use, modify, and redistribute. No attribution required.