ClawHub

Nginx Config Linter

v1.0.0

Lint, validate, and audit nginx configuration files for syntax errors, security issues, and performance problems.

0· 50·0 current·0 all-time
by@charlie-morrison
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (nginx config linter) matches the included Python script and runtime instructions. The script parses nginx config trees, applies syntax/security/performance rules, and the SKILL.md shows commands to run the script against /etc/nginx — all coherent with a linter.
Instruction Scope
Runtime instructions tell the agent to run the included Python script against nginx config files (single file or recursive directory). Reading /etc/nginx is appropriate for this tool. The commands do allow scanning arbitrary paths (user-supplied), which is expected for a linter but means the tool can read any files the invoking user can access.
Install Mechanism
No install spec; skill is instruction-only with an included Python script. No external downloads or package installs are requested. This minimizes supply-chain risk.
Credentials
The skill declares no environment variables, no credentials, and no config paths. The script appears to use only Python stdlib modules (sys, os, re, json, glob, dataclasses, enum, typing) in the visible portion, which matches the described purpose and doesn't request unrelated secrets.
Persistence & Privilege
always is false and there is no indication the skill attempts to modify other skills or system-wide agent settings. It runs on demand and does not request elevated persistence.
Assessment
This skill appears coherent and safe for auditing nginx configs: it ships a pure-Python linter and asks you to run it against your config files. Before running it on production systems, review the entire scripts/nginx-config-linter.py to confirm there are no network calls or subprocess executions (the visible imports are stdlib-only but the file is truncated in the listing). Run it first on a copy of your configs or in a sandboxed environment, and avoid supplying paths with sensitive data unless you trust the script. If you need automated / scheduled checks, ensure the runner account has minimal file permissions needed for the configs to limit exposure.

Like a lobster shell, security has layers — review code before you run it.

latestvk971pjav285r2bew0fyskk6fz584r5rj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments