ClawHub

Kubernetes Skills

v1.0.0

Kubernetes certificate management with cert-manager. Use when managing TLS certificates, configuring issuers, or troubleshooting certificate issues.

1· 2.1k·7 current·7 all-time
by@rohitg00
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md clearly operates on a Kubernetes cluster (kubectl_apply, certmanager_* tools, creating ClusterIssuer/Certificate resources). However, the registry metadata declares no required binaries, env vars, or config paths. Managing cert-manager legitimately requires kubectl access (or equivalent API access) and cluster credentials (often cluster-admin for ClusterIssuer). The metadata and declared requirements are therefore incomplete/inconsistent with the described capability.
Instruction Scope
Instructions stay on-topic: listing/creating Certificates, Issuers, CertificateRequests, Ingress annotations, and troubleshooting. They reference Let's Encrypt ACME endpoints (expected) and cluster events for debugging. The skill does not instruct reading unrelated local files or exfiltrating data to unexpected external endpoints.
Install Mechanism
This is instruction-only with no install spec or code files, so nothing is written to disk by an installer—low installation risk. The runtime relies on external tools being available (kubectl and cert-manager-related tooling), which are not declared in metadata.
!
Credentials
No environment variables, credentials, or config paths are declared despite the skill plainly requiring access to a Kubernetes cluster (kubeconfig, KUBECONFIG, or in-cluster credentials) and cluster secrets/private keys for ACME issuers. Requesting no credentials in metadata is disproportionate to the operations shown in SKILL.md.
Persistence & Privilege
Skill is not always-enabled and does not claim persistent/system-wide modifications. It does perform cluster mutations (apply manifests) when invoked, which is expected for this purpose but should be run with appropriate privileges and caution.
What to consider before installing
Before installing: (1) Understand that this skill will create and modify Kubernetes resources (Certificates, ClusterIssuers, Ingresses). Ensure you trust the skill source. (2) Confirm the agent runtime has kubectl / cert-manager tooling and appropriate kubeconfig or cluster credentials; the skill metadata does not declare these requirements but the SKILL.md assumes them. (3) Running ClusterIssuer manifests typically requires cluster-admin privileges—use least-privilege accounts and test in a staging cluster first. (4) Review the provided YAML (especially ACME email/privateKeySecretRef) and make sure secrets are handled securely; be careful using production Let's Encrypt due to rate limits. (5) Ask the publisher to update metadata to declare required binaries (kubectl), config paths (KUBECONFIG or kubeconfig file), and any needed permissions so you can make an informed risk decision.

Like a lobster shell, security has layers — review code before you run it.

latestvk970vzn79hy17aj2w840by9fvn7zz8vw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments