ClawHub

SSL + Nginx Setup

v1.0.0

Configure Nginx as a reverse proxy with SSL/TLS via Let's Encrypt, security headers, HTTP/2, and gzip compression for any application on any VPS. Use when th...

0· 50·0 current·0 all-time
bySamih Mansour@llcsamih
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name/description match the runtime instructions: it collects domain, port, email and then installs nginx/certbot, writes /etc/nginx site files, tests and reloads nginx, and runs certbot. All requested actions are what you'd expect for configuring an Nginx reverse proxy with Let's Encrypt on an Ubuntu/Debian VPS.
Instruction Scope
The SKILL.md explicitly limits itself to server admin tasks (DNS checks, apt install, editing /etc/nginx, systemctl, certbot). It does read local files/processes to detect an app port (Dockerfile, docker-compose, running processes) which is appropriate for the task. There are no instructions to read unrelated secrets or exfiltrate data.
Install Mechanism
This is an instruction-only skill (no install spec, no code files). It tells the operator to use apt to install packages at runtime, which is normal for provisioning documentation. There are no downloads from arbitrary URLs or archive extraction steps in the provided content.
Credentials
The skill does not request environment variables or credentials. It asks the user for an email (standard for Let's Encrypt) and for DNS ownership verification. If automatic DNS-01 wildcard issuance is later suggested, that may require DNS API credentials — the current document does not declare any such credentials.
Persistence & Privilege
The skill requires running privileged system commands on the target VPS (apt, systemctl, writing /etc/nginx). That is expected for a provisioning task, but it means the operator/agent must be able to perform root-level actions on the server. The skill is not configured 'always: true'; however, if you let an agent invoke this autonomously, ensure it is allowed to run those privileged operations and review commands first.
Assessment
This skill is internally consistent for setting up Nginx and Let's Encrypt on an Ubuntu/Debian VPS. Before using it: 1) Verify the skill source/author since it will instruct running root-level commands on your server — review each command before execution. 2) Ensure you have SSH/root access and have backups of existing /etc/nginx configs (the script recommends backups but double-check). 3) Confirm your domain DNS points to the server (the guide stops if it doesn't). 4) If you need wildcard certs and wish to automate DNS-01, be prepared to provide DNS API credentials (the SKILL.md may later suggest DNS plugins; these credentials must be provided carefully). 5) Prefer manual invocation or review if allowing an autonomous agent to execute these steps, because the procedure modifies system packages and configuration files.

Like a lobster shell, security has layers — review code before you run it.

latestvk97asc5za2xx1wc4qsvc9b26w184fd0k

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments