ClawHub

ZEDEDA

v1.0.6

Complete ZEDEDA edge management API client — 473 endpoints across 11 service domains for edge node, application, cluster, storage, network, Kubernetes, diagn...

2· 560·0 current·0 all-time
byKristopher Clark@krisclarkdev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included Python client and service modules implementing ~473 endpoints across 11 domains. The files and CLI map directly to ZEDEDA API operations; nothing in the manifest requests unrelated cloud credentials or unrelated system access.
Instruction Scope
SKILL.md instructs the agent to set ZEDEDA_API_TOKEN (and optional ZEDEDA_BASE_URL/ZEDEDA_LOG_LEVEL) and run the bundled Python CLI or import the service classes. The runtime instructions do not ask the agent to read arbitrary host files, environment variables beyond those declared, or send data to endpoints other than the configured ZEDEDA base URL.
Install Mechanism
No install spec is provided (instruction-only), and the code bundle is pure Python standard-library code. There are no downloads from arbitrary URLs or package installs declared.
Credentials
Only ZEDEDA_API_TOKEN is required (with ZEDEDA_BASE_URL and ZEDEDA_LOG_LEVEL optional). The client code reads exactly those env vars and uses the token for Bearer auth to the ZEDEDA API — proportional to the skill's functionality.
Persistence & Privilege
always is false and the skill does not request persistent system-wide privileges or modify other skills. It can be invoked autonomously by the agent (default), which is expected for skills; nothing else in the package elevates privilege or requests unusual persistence.
Assessment
This package appears to be a straightforward ZEDEDA API client. Before installing, consider: 1) Only provide a ZEDEDA API token with least privilege (avoid giving full admin tokens unless necessary). 2) Verify the ZEDEDA_BASE_URL is the official endpoint (don't override it to an untrusted host). 3) If you run this in a sensitive environment, review scripts/zededa.py (CLI) and any code that loads --body-file to confirm no unexpected file reads occur; by default the client does not read/write files except when you explicitly use --body-file. 4) If you are concerned about autonomous invocation, disable the skill or restrict agent permissions; autonomous invocation is allowed by default but is not a red flag here. 5) Prefer running in an isolated environment and inspect the bundled code or upstream GitHub repo if you need additional assurance.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dtr5a3x9v46kdqr3cpr6jf981m7z0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvZEDEDA_API_TOKEN

Comments