ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

UnraidClaw

Manage your Unraid server through AI agents - 43 tools for Docker, VMs, array, shares, system, notifications, and more with permission control.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 159 · 0 current installs · 0 all-time installs
by@emaspa
MIT-0
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description, SKILL.md, openclaw.plugin.json and the source code all align: this is an OpenClaw/OpenClaw plugin that talks to an UnraidClaw server via an API key and exposes management tools for Docker, VMs, array, shares, system, notifications, logs and network. There are no unrelated environment variables or unexpected binaries requested.
Instruction Scope
SKILL.md instructs installing the plugin from npm and configuring serverUrl/apiKey; the code only reads plugin/config entries and uses them to call the configured UnraidClaw server endpoints. The runtime instructions do not direct the agent to read unrelated files or exfiltrate data to third-party endpoints.
Install Mechanism
There is no registry install spec in the manifest, but SKILL.md tells users to install via npm. The package itself is self-contained (no downloads from arbitrary URLs). Installing npm packages executes third-party code — this is expected for a plugin but worth reviewing the package source (GitHub/npm) before trusting it.
Credentials
No global env vars are requested. The plugin requires a serverUrl and an apiKey (declared in openclaw.plugin.json and SKILL.md) which are appropriate and proportionate for the stated functionality. tlsSkipVerify is optional for self-signed certs (has security implications if used).
Persistence & Privilege
The skill is not always:true and uses normal plugin registration. However, the exposed tools include destructive operations (remove containers, force-stop VMs, reboot/shutdown, array stop/start and parity operations). If the agent is allowed to invoke tools autonomously, those destructive actions could be executed — ensure permission gating and the server-side 22-key permission matrix are correctly configured and limited.
Assessment
This package appears to do what it says: it needs a UnraidClaw server URL and an API key and will call that server's /api/* endpoints. Before installing: (1) verify the npm package and GitHub repo (authenticity and recent commits) to ensure you trust the publisher; (2) create a dedicated API key with the minimal permissions needed (do not use a full-admin key if not necessary) and confirm the plugin's permission matrix in your Unraid WebGUI; (3) avoid setting tlsSkipVerify:true unless you must (it disables TLS verification and can enable MiTM attacks); (4) be aware the plugin exposes destructive actions (stop/remove containers, force-stop VMs, reboot/shutdown, parity corrections) — restrict who or what agents can call these tools and monitor audit logs; (5) if you allow autonomous agent invocation, consider stricter permissioning or making destructive tools optional/disabled. If you want higher assurance, review the plugin source on GitHub and confirm the package checksum before installing.
!
openclaw.plugin.json:56
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.1.8
Download zip
latestvk972mf8tmfc0pc4021jqpesxf983t3kc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

UnraidClaw

Manage your Unraid server through AI agents with full permission control.

What it does

UnraidClaw gives AI agents 43 tools across 11 categories to monitor and manage an Unraid server:

  • Docker - List, inspect, start, stop, restart, pause, unpause, remove, and create containers
  • VMs - List, inspect, start, stop, force-stop, pause, resume, reboot, reset, and remove virtual machines
  • Array - View array status, start/stop array, run parity checks
  • Disks - List disks, view SMART data and individual disk details
  • Shares - List shares, view details, update share settings (allocator, floor, split level, comment)
  • System - System info, CPU/memory/uptime, list services, reboot, shutdown
  • Notifications - List, create, archive, and delete notifications
  • Network - View network interfaces and configuration
  • Users - View current user info
  • Logs - Read syslog entries
  • Health - Server health check

Every tool is gated by a 22-key permission matrix (resource:action) configurable from the Unraid WebGUI. The server logs all API activity.

Requirements

  • Unraid 6.12+ with the UnraidClaw plugin installed
  • An API key generated from the UnraidClaw settings page

Configuration

FieldDescription
serverUrlURL of your UnraidClaw server (e.g. http://192.168.1.100:9876)
apiKeyAPI key from the UnraidClaw settings page
tlsSkipVerifySet to true for self-signed TLS certificates

Install

UnraidClaw is an OpenClaw plugin (not a skill). Install from npm:

openclaw plugins install unraidclaw --registry npm

Then configure in ~/.openclaw/openclaw.json:

{
  "plugins": {
    "unraidclaw": {
      "serverUrl": "http://YOUR_UNRAID_IP:9876",
      "apiKey": "YOUR_API_KEY"
    }
  }
}

Examples

  • "List all running Docker containers"
  • "Stop the plex container"
  • "What's the array status?"
  • "Show me disk temperatures"
  • "Create a new nginx container with port 8080"
  • "Check parity status"
  • "Show recent notifications"
  • "Reboot the server"

Links

Files

22 total
Select a file
Select a file to preview.

Comments

Loading comments…