ClawHub

Homelab Assets

v1.0.0

Track, manage, and report on homelab hardware inventory with details on purchase, warranty, power use, location, and generate insurance-ready reports.

0· 68·0 current·0 all-time
byNew Age Investments@newageinvestments25-byte
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description describe a local homelab inventory and the included scripts (add, update, list, search, report) implement exactly that functionality. There are no unexpected external integrations or unrelated environment variables requested.
Instruction Scope
SKILL.md and the scripts confine operations to reading and writing a single JSON inventory file (default: ~/.openclaw/workspace/homelab-assets/inventory.json, overrideable with HOMELAB_ASSETS_PATH). Instructions do not request reading unrelated system files, shell history, or sending data to external endpoints.
Install Mechanism
No install spec and no remote downloads; the skill is delivered as local Python scripts. This is low risk — nothing is fetched from external URLs or installed system-wide.
Credentials
The skill requires no credentials or special environment variables; only an optional HOMELAB_ASSETS_PATH to override the inventory location. This is proportional to its stated purpose.
Persistence & Privilege
Skill is not forced-always, does not request system-wide configuration changes, and only writes to its own inventory file. Autonomous invocation is allowed by default but is not by itself a problem here because the skill has no network/exfiltration behavior.
Assessment
This skill appears to be a straightforward local inventory tool. Before installing/using it: (1) confirm you are comfortable storing asset data (serial numbers, purchase prices, locations) in the default ~/.openclaw/workspace/homelab-assets/inventory.json or choose a secure path via HOMELAB_ASSETS_PATH; (2) set appropriate file permissions to restrict access (chmod 600) if the data is sensitive; (3) run the included scripts locally with Python 3 and inspect them yourself (they are human-readable) — they perform only JSON read/write and reporting; (4) if you intend to run the skill autonomously via an agent, be aware the agent could run these scripts on your behalf, but because the scripts have no network calls or credential access the blast radius is limited; (5) avoid copying the inventory file to untrusted services or repositories without redacting sensitive fields.

Like a lobster shell, security has layers — review code before you run it.

latestvk972xdy2nxayjczch3d8aqna2d83m9t8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments