ClawHub

cloudmonkey

v1.0.0

Manage Apache CloudStack infrastructure using the cloudmonkey (cmk) CLI — list/start/stop/destroy VMs, manage networks, volumes, snapshots, and run any Cloud...

0· 664·1 current·1 all-time
by@kiranchavala
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description align with the requested binary (cmk). The skill is an instruction-only wrapper for the CloudStack CLI. Minor mismatch: SKILL.md refers to the config path (~/.cmk/config) but the registry metadata did not list any required config paths.
Instruction Scope
Instructions tell the agent to run cmk commands via shell exec, which is expected for a CLI wrapper. This implicitly causes network calls and use of whatever credentials are configured for cmk; the skill does not tell the agent to read unrelated files or env vars, but running cmk will read ~/.cmk/config and interact with your CloudStack endpoints.
Install Mechanism
No install spec (instruction-only). Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill declares no required environment variables, which is reasonable since cmk typically reads its credentials from ~/.cmk/config or environment. However, that means CloudStack API keys/secrets in the local cmk config are implicitly in-scope even though not declared.
Persistence & Privilege
always:false and no code or install means the skill does not request permanent presence or elevated platform privileges.
Assessment
This skill is coherent for managing CloudStack via the cloudmonkey CLI but it will execute shell commands and rely on your local cmk configuration. Before installing: 1) ensure the cmk binary you expect is installed and trusted; 2) inspect ~/.cmk/config (and any cmk profiles) for API keys or secrets you care about — the skill will cause cmk to use them; 3) ask the agent to always confirm destructive actions (destroy/expunge) before running them; 4) avoid granting this skill always:true or broad autonomous rights if you don't want the agent to run cloud operations without explicit approval; and 5) if you need tighter control, consider using a dedicated, least-privilege CloudStack account or a sandbox environment for the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e0k3adq85pttcn47dc9ec2d81fhen

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

☁️🐵 Clawdis
Binscmk

Comments