Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
syself-autopilot-hetzner
v1.0.0
Use for SySelf Autopilot on Hetzner: management kubeconfig setup, organization namespace, Hetzner account preparation, ClusterStack and Cluster manifests, ba...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The name/description and the included templates/scripts align with SySelf Autopilot on Hetzner (kubeconfig preparation, ClusterStack/Cluster manifests, Hetzner bare metal onboarding). However the registry metadata claimed 'Required env vars: none' and 'Required config paths: none' while several scripts clearly require a management kubeconfig and Hetzner credentials (HCLOUD_TOKEN, HETZNER_ROBOT_USER, HETZNER_ROBOT_PASSWORD, SSH key paths). That mismatch between claimed requirements and actual files is an incoherence.
Instruction Scope
The SKILL.md and scripts stay within the expected workflow: preparing a management kubeconfig, applying manifests, and creating Kubernetes secrets for Hetzner credentials and SSH keys. They instruct reading local kubeconfig files and local SSH key files and calling kubectl and optionally hcloud. This is sensitive but within the stated purpose; the skill does not attempt obvious exfiltration or network calls to unknown endpoints in the provided files.
Install Mechanism
No install spec is present (instruction-only plus script files). No downloads or archive extraction are performed. Risk from installation is low, but runtime requires executing the included shell scripts on a host with kubectl and optional hcloud available.
Credentials
The scripts require multiple sensitive environment values and file paths (HCLOUD_TOKEN, Robot user/password, SSH key paths, SSH_KEY_NAME, and a kubeconfig file). These are appropriate for Hetzner/SySelf onboarding, but the skill metadata did not declare them — that omission is a red flag because a user installing the skill could be unaware that the skill will read secrets and private keys. The scripts will create Kubernetes secrets from those inputs (which is expected behavior) but handling of private key files and tokens deserves explicit disclosure.
Persistence & Privilege
The skill is not always:true and does not request system-wide persistence. It operates by running scripts and issuing kubectl/hcloud commands against a management cluster the operator must supply. It does create secrets inside the target Kubernetes cluster (expected for its purpose), but it does not modify other skills or agent-wide configuration in the provided files.
What to consider before installing
This package contains useful templates and scripts for SySelf Autopilot on Hetzner, but the registry metadata fails to declare the sensitive inputs the scripts require. Before installing or running:
1) Verify the skill source and trustworthiness (source is unknown).
2) Inspect the scripts (you already have them) and confirm you are comfortable running kubectl and bash locally.
3) Understand that the scripts expect a management kubeconfig and will read environment variables and local private SSH key files and then create Kubernetes secrets in the management cluster. Keep least-privilege tokens and use dedicated project-scoped HCLOUD tokens.
4) Do not run these scripts on machines that hold unrelated sensitive credentials.
5) If you decide to use it, run in a controlled environment first and request the missing metadata (declare required env vars/config paths) from the publisher so requirements are explicit.
