ClawHub

Vmware Aria

v1.5.12

Use this skill whenever the user needs VMware Aria Operations data — performance metrics, alerts, capacity planning, anomaly detection, and automated reports...

0· 306·0 current·0 all-time
by@zw008
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Aria Operations monitoring) matches the declared requirements: a vmware-aria CLI binary, a VMWARE_ARIA_CONFIG pointing to the config.yaml, and per-target password env vars/.env. The listed endpoints and operations are consistent with Aria Ops API usage.
Instruction Scope
SKILL.md instructs the agent to read the stated config (~/.vmware-aria/config.yaml and .env) and contact Aria Ops on port 443; it does not instruct reading unrelated system files or sending data to other external endpoints. The 'doctor' command will test auth/token acquisition and TCP connectivity to configured Aria hosts, which is expected.
Install Mechanism
This is an instruction-only skill (no install spec provided to the registry). The docs suggest installing via uv/pip/docker or from GitHub — standard, traceable installation mechanisms; there are no obscure download URLs or automatic extract-and-run steps embedded in the skill package.
Credentials
The skill requires VMWARE_ARIA_CONFIG (path to config) and uses per-target password env vars (VMWARE_ARIA_<TARGET>_PASSWORD) or a ~/.vmware-aria/.env file. These credentials are high-value but proportionate to the stated Aria Ops tasks. Users should ensure least-privilege accounts (ReadOnly for reads; PowerUser for alert acknowledge/cancel) and proper file perms (chmod 600) as the docs recommend.
Persistence & Privilege
always:false (no forced permanent inclusion). The skill does not request background services or system-wide privilege modifications. It documents optional MCP/server integration that requires user-side configuration (e.g., adding an mcpServers entry) rather than silent changes.
Assessment
This skill appears to be what it says: a local CLI client for VMware Aria Operations. Before installing, verify you trust the vmware-aria binary source (the repo link is provided), run the tool in a controlled environment, and use least-privilege Aria accounts. Store passwords only in the recommended .env (chmod 600) or per-session env vars, and confirm the audit DB path (~/.vmware/audit.db) meets your policies. Be cautious when running the 'doctor' command because it will attempt token acquisition/connection tests to the configured Aria hosts. If you need stronger assurance, review the GitHub source and the installed package contents before enabling the MCP integration or placing the binary on PATH.

Like a lobster shell, security has layers — review code before you run it.

latestvk973fpg0sq795hgxqxm4npsspn851rrp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📊 Clawdis
OSmacOS · Linux
Binsvmware-aria
EnvVMWARE_ARIA_CONFIG
Config~/.vmware-aria/config.yaml, ~/.vmware-aria/.env
Primary envVMWARE_ARIA_CONFIG

Comments