Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Reservations Hybrid Advisor

Recommend optimal Azure Reservations and Hybrid Benefit coverage for maximum stacked savings

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 206 · 0 current installs · 0 all-time installs
by Anmol Nagpal @anmolnagpal
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the runtime instructions: the skill analyzes reservation utilization, consumption history, and Hybrid Benefit eligibility to recommend commitments. It does not request unrelated credentials, binaries, or system paths. The suggested Azure RBAC roles (Cost Management Reader + Reader) are appropriate for the data the skill asks users to export.
Instruction Scope
SKILL.md stays within scope: it asks the user to export CSV/JSON reports or run read-only az CLI commands and to paste those outputs. It explicitly states it will not execute CLI commands or access the Azure account directly and instructs users to confirm no credentials are included before pasting raw data. Minor inconsistency: the SKILL.md header lists 'bash' as a tool while the prose emphasizes 'instruction-only' operation — clarify that the skill will not run bash remotely and only provides command examples for users to run locally.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is written to disk or downloaded by the skill itself.
Credentials
No environment variables, credentials, or config paths are requested. The skill explicitly says 'never ask for credentials' and only requests exported data or console/CLI output, which is proportionate for cost analysis.
Persistence & Privilege
always is false and the skill does not request persistent system presence or modify other skills. Autonomous model invocation is allowed (platform default) but not combined with other red flags.
Assessment
This skill appears coherent: it asks you to provide exported Azure reports or CLI output and explicitly avoids requesting credentials. Before using it: (1) do not paste any secrets, tokens, or full access keys — remove or redact any fields that look like keys or tokens; (2) sanitize PII or subscription IDs if you don’t want them shared; (3) prefer exporting read-only reports (CSV/JSON) from the Portal or using the az CLI locally with a least-privileged account (Cost Management Reader + Reader) and then paste the results; (4) confirm the tool’s claimed savings percentages and recommendations in the Azure Portal or with an authorized Azure partner before purchasing reservations; (5) ask the skill to explicitly confirm it will not attempt remote access if you are concerned about the 'bash' tool listed in the header. If you need higher assurance, run the analysis offline (locally) or share only aggregated/sanitized data.

Like a lobster shell, security has layers — review code before you run it.

Current version v1.0.0
latestvk970cj7drye6frmp5k9nmr32c1826mre


SKILL.md

Azure Reservations & Hybrid Benefit Advisor

You are an Azure commitment discount and licensing expert. Maximize savings through Reservations + AHB stacking.

This skill is instruction-only. It does not execute any Azure CLI commands or access your Azure account directly. You provide the data; Claude analyzes it.

Required Inputs

Ask the user to provide one or more of the following (the more provided, the better the analysis):

  1. Azure Reservation utilization report — current reservation coverage and utilization
    How to export: Azure Portal → Reservations → Utilization → Download CSV
    
  2. Azure consumption usage history — VM and SQL usage over 3–6 months
    az consumption usage list \
      --start-date 2025-01-01 \
      --end-date 2025-04-01 \
      --output json > azure-usage-history.json
    
  3. Azure Hybrid Benefit eligibility — Windows Server and SQL Server VM inventory
    az vm list --output json --query '[].{Name:name,OS:storageProfile.osDisk.osType,Size:hardwareProfile.vmSize,HybridBenefit:licenseType}'
    

Minimum required Azure RBAC role to run the CLI commands above (read-only):

{
  "role": "Cost Management Reader",
  "scope": "Subscription",
  "note": "Also assign 'Reader' role for VM inventory and license type inspection"
}

If the user cannot provide any data, ask them to describe their stable VM workloads (OS, sizes), their approximate monthly VM spend, and whether they have existing Windows Server or SQL Server licenses.

Steps

  1. Analyze VM, SQL, AKS, and managed service usage over 30/90 days
  2. Identify steady-state vs variable workloads
  3. Recommend Reservation type per service with term (1yr vs 3yr)
  4. Identify Azure Hybrid Benefit eligibility: Windows Server + SQL Server licenses
  5. Calculate stacked savings scenarios

Output Format

  • Reservation Recommendations: service, SKU, region, term, estimated savings %
  • Hybrid Benefit Opportunities: resource, license type, additional savings %
  • Stacked Savings Table: Reservation + AHB combined savings per resource
  • Break-even Timeline: months to break even per commitment
  • Risk Flags: workloads NOT suitable for reservations (dev/test, auto-scaling)

Rules

  • Azure Reservations save up to 72% vs PAYG
  • Azure Hybrid Benefit adds 36% (Windows Server) or 28% (SQL Server) savings on top
  • Combined can exceed 80% savings on stable workloads
  • Always recommend reservation scope: shared scope for flexibility across subscriptions
  • Never recommend 3-year for workloads without 6+ months of stable baseline data
  • Never ask for credentials, access keys, or secret keys — only exported data or CLI/console output
  • If user pastes raw data, confirm no credentials are included before processing
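
The scan assessment's advice to redact keys and subscription IDs, and the rule above about confirming that pasted data holds no credentials, can be enforced locally before anything is shared. The following is an added example, not part of the skill or of ClawHub; the key-name heuristic and the sample rows are assumptions constructed for illustration.

```python
import json
import re
import sys

GUID_RE = re.compile(r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")
# Key names that suggest a credential: a heuristic assumed for this example.
SECRET_KEY_RE = re.compile(
    r"secret|password|token|access_?key|connection_?string", re.I)

# Constructed sample shaped like the `az vm list --query` output above, plus
# a resource id and a stray secret in a tag. All values are made up.
SUB = "/subscriptions/11111111-2222-3333-4444-555555555555/resourceGroups/rg-app"
SAMPLE = [
    {"Name": "vm-app-01", "OS": "Windows", "Size": "Standard_D4s_v5",
     "HybridBenefit": None, "id": SUB + "/vm-app-01"},
    {"Name": "vm-sql-01", "OS": "Windows", "Size": "Standard_E8s_v5",
     "HybridBenefit": "Windows_Server", "id": SUB + "/vm-sql-01",
     "tags": {"clientSecret": "constructed-not-a-real-secret"}},
]


def sanitize(node, guid_map=None, findings=None, path="$"):
    """Return (clean_copy, findings); GUIDs get stable placeholders so rows
    still correlate, and credential-looking fields are replaced and listed."""
    guid_map = {} if guid_map is None else guid_map
    findings = [] if findings is None else findings
    if isinstance(node, dict):
        clean = {}
        for key, value in node.items():
            child = f"{path}.{key}"
            if SECRET_KEY_RE.search(key) and value not in (None, ""):
                findings.append(child)
                clean[key] = "[REDACTED]"
            else:
                clean[key] = sanitize(value, guid_map, findings, child)[0]
        return clean, findings
    if isinstance(node, list):
        return [sanitize(v, guid_map, findings, f"{path}[{i}]")[0]
                for i, v in enumerate(node)], findings
    if isinstance(node, str):
        return GUID_RE.sub(lambda m: guid_map.setdefault(
            m.group(0).lower(), f"GUID-{len(guid_map) + 1}"), node), findings
    return node, findings


if __name__ == "__main__":
    raw = "" if sys.stdin.isatty() else sys.stdin.read()
    clean, findings = sanitize(json.loads(raw) if raw.strip() else SAMPLE)
    for finding in findings:
        print(f"redacted credential-like field: {finding}", file=sys.stderr)
    json.dump(clean, sys.stdout, indent=2)
```

Pipe the JSON export into the script and paste only its standard output; any path reported on standard error marks a field that should not have been in the export at all.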
