Ansible Generator
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: ansible-generator Version: 0.1.0 The ansible-generator skill is a well-structured tool designed to scaffold Ansible playbooks, roles, and inventories. It follows industry best practices, such as enforcing Fully Qualified Collection Names (FQCN), ensuring idempotency, and explicitly instructing the agent to use 'no_log: true' for sensitive values. There is no evidence of data exfiltration, malicious execution, or prompt injection; the skill focuses entirely on its stated purpose of configuration generation and validation (SKILL.md).
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Generated output may rely on unstated assumptions or improvised templates if those referenced files are not actually available.
The skill's deterministic flow depends on local reference and template files, while the supplied manifest lists only SKILL.md. This is a provenance/completeness note rather than evidence of unsafe behavior.
Required references: `references/best-practices.md` ... Required templates ... `assets/templates/playbook/basic_playbook.yml` ... `assets/templates/role/`
Before relying on generated Ansible for production use, confirm that the referenced templates and best-practice files are included or that the agent clearly explains any fallback behavior.
The agent may try to use a separate validator workflow or tool during generation, which could affect how results are checked.
The skill directs a chained validation step, but no validator binary or dependency is declared. This is purpose-aligned quality control and does not show deployment or destructive execution.
`full-generation` | Run `ansible-validator` after generation and after each fix pass | If validator/tools are unavailable...
Let the agent validate generated files when available, but review which checks were actually run and manually inspect generated playbooks before executing them.