ClawHub

Fly.io CLI

v1.0.3

Use the Fly.io flyctl CLI for deploying and operating apps on Fly.io. Default to read-only diagnostics (status/logs/config/releases). Only perform state-changing operations (deploys, SSH exec, secrets, scaling, machines, volumes, Postgres changes) with explicit user approval. Use when asked to deploy to Fly.io, debug fly deploy/build/runtime failures, set up GitHub Actions deploys/previews, or safely manage Fly apps and Postgres.

1· 2.5k·5 current·5 all-time
by@justinburdett
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md clearly expects the flyctl CLI to be available (examples use `fly`, `fly deploy`, `fly secrets list`, etc.), and the references mention the FLY_API_TOKEN secret for GitHub Actions. However, the skill metadata declares no required binaries and no required environment variables. This mismatch (an orchestration skill that does not declare the CLI it needs or the token it references) is an incoherence that should be resolved.
Instruction Scope
The SKILL.md stays within the stated purpose: it documents read-only diagnostics and explicitly requires human approval for state-changing operations (deploy, SSH exec, secrets, DB changes). It references reading repo files (fly.toml) and includes a small helper script for that purpose; those file accesses match the stated tasks. There are no instructions to collect or exfiltrate unrelated host data or to send data to unexpected external endpoints.
Install Mechanism
This is an instruction-only skill with no install spec. That lowers risk because nothing is fetched or written during install. The included script is a simple, readable shell helper and does not perform network calls or obfuscated behavior.
!
Credentials
Operational flow clearly relies on credentials in practice (e.g., FLY_API_TOKEN for CI / GitHub Actions and likely a Fly API token or local `fly` authenticated user for state-changing commands), yet the skill metadata lists no required environment variables or primary credential. The references also mention DATABASE_URL for previews. Requesting no env vars while instructing commands that require authentication is inconsistent and could lead to accidental unauthorized attempts or unclear UX about where credentials come from.
Persistence & Privilege
The skill does not request always: true and is user-invocable only by default. It does not attempt to modify other skill configs or require persistent presence. Autonomous invocation is allowed (default), which is expected for skills; this is not combined with any other high-risk attributes here.
What to consider before installing
This skill appears to be what it says (a Fly.io CLI helper) and the instructions are careful about requiring approval for destructive actions, but two practical inconsistencies deserve attention before you install or grant it runtime privileges: (1) ensure the host environment has the flyctl CLI available (or update the skill metadata to declare it), and (2) confirm how Fly credentials (FLY_API_TOKEN or local fly auth) will be provided — the SKILL.md references tokens but the skill metadata doesn't declare any required env vars. If you plan to allow state-changing operations, require an explicit confirmation step in your agent and avoid supplying broad credentials (use a token with minimal scope or ephemeral tokens). If you don't want the agent to ever mutate production state, restrict it to read-only operations or deny approval prompts by default.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dcvz4vkptdnjjhds5bntka980smmr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments