Hetzner Cloud CLI
v1.0.0Hetzner Cloud CLI for managing servers, volumes, firewalls, networks, DNS, and snapshots.
⭐ 4· 3.5k·21 current·22 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description match the runtime instructions: the document instructs how to install and use the hcloud CLI to manage servers, volumes, firewalls, networks, DNS, and snapshots. Requested capabilities (creating contexts and using API tokens with read/write where needed) are appropriate for that purpose.
Instruction Scope
SKILL.md stays within the scope of managing Hetzner Cloud resources. It does not ask the agent to read unrelated system files or unrelated credentials. It does reference the user's SSH public key (~/.ssh/id_rsa.pub) when describing ssh-key upload, which is expected for the stated task, and it explicitly warns against destructive actions and leaking tokens.
Install Mechanism
The skill is instruction-only and provides standard package manager install commands (brew/apt/dnf) and an official GitHub repository link. There is no embedded download/install script or archive extraction in the skill bundle itself.
Credentials
No environment variables or credentials are declared in the manifest; runtime instructions explain generating and storing a Hetzner API token via hcloud contexts (interactive token paste). Requesting a read+write API token is proportionate because the CLI can perform create/modify operations.
Persistence & Privilege
The skill is not always-enabled and does not request system-wide privileges. There is no install-time persistence specified in the skill bundle. The default ability for the agent to invoke the skill autonomously is standard and not combined with other risky flags.
Assessment
This is an instruction-only skill that documents how to use the official Hetzner CLI. Before installing or using it: (1) only install the CLI from the official sources (the linked GitHub repo or your OS package manager), (2) generate a Hetzner API token with the minimum permissions you need (avoid full admin if not required), store tokens securely (hcloud contexts or your secrets manager), and never paste tokens into untrusted consoles, (3) be aware the CLI can perform destructive actions — follow the SKILL.md safety guidance and confirm any create/modify operations, and (4) verify the owner/publisher if you plan to let an autonomous agent use these instructions to perform operations on your infrastructure.Like a lobster shell, security has layers — review code before you run it.
latestvk97fmzvgxkea3jpb7ayvpkkmk17yy6bs
License
MIT-0
Free to use, modify, and redistribute. No attribution required.