Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Proxmox Management
v1.0.0
Manage Proxmox VE nodes, VMs, and containers. Can list hardware stats, resources, and control power states (start, stop, reboot, shutdown).
by @robnew
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The code and SKILL.md clearly implement Proxmox management functionality and legitimately require PVE_HOST/PVE_TOKEN_ID/PVE_TOKEN_SECRET. However the registry metadata (which lists no required env vars) does not declare these secrets — an inconsistency. The README also advertises snapshot management while the shipped script does not implement snapshot functions (e.g., take_snapshot is referenced but not present). These mismatches suggest sloppy packaging or incomplete code.
Instruction Scope
SKILL.md tool commands are narrowly scoped to listing nodes/VMs, getting node health/status, and performing power actions. The runtime instructions only reference the Proxmox API and the three environment variables. There are no instructions to read unrelated local files or send data to third-party endpoints. Note: approval is required for destructive actions per SKILL.md; the script relies on the platform to enforce approval (it does not prompt itself).
Install Mechanism
This is instruction-only (no automated install spec). A requirements.txt lists proxmoxer and requests and README instructs pip install proxmoxer requests. Lack of an automated install means dependencies must be installed manually; that's low risk but increases chance of user error. No downloads from arbitrary URLs are present.
Credentials
The environment variables the skill uses (PVE_HOST, PVE_TOKEN_ID, PVE_TOKEN_SECRET) are appropriate and necessary for Proxmox API access. The concern is that the skill registry metadata claims no required env vars while both SKILL.md and the script require secrets — a mismatch that could mislead users into installing without providing required credentials or auditing them. The script also sets verify_ssl=False when connecting to the API, which weakens TLS protections and increases risk of MITM attacks.
Persistence & Privilege
The skill does not request permanent/always-on inclusion (always:false) and does not modify other skills or global agent settings. Model invocation is allowed (default), which is normal for skills. There are no elevated persistence requests in the package.
What to consider before installing
This skill appears to implement legitimate Proxmox management, but there are red flags you should consider before installing:
(1) The registry metadata does not list the environment variables that both SKILL.md and the script require — verify that you are comfortable providing PVE_HOST, PVE_TOKEN_ID and PVE_TOKEN_SECRET.
(2) README mentions snapshot features the included script doesn't implement — expect the package to be incomplete or out-of-sync.
(3) The script disables SSL verification (verify_ssl=False) when connecting to your Proxmox host; prefer enabling certificate verification or ensuring a secure network path.
(4) Use a least-privileged API token (read-only / limited-scoped) rather than a full admin token, and do not commit the token secret anywhere.
(5) Because the source and homepage are unknown, only install if you trust the publisher and are prepared to inspect/host the script and dependencies yourself.
If you want to proceed, verify dependencies (proxmoxer, requests), inspect the code locally, and consider adding TLS verification and implementing missing features (snapshot handling) before granting access to production systems.
Like a lobster shell, security has layers — review code before you run it.
Tags: homelab, latest, proxmox, snapshots, virtualization
