Vmware Policy

v1.5.14

Unified audit logging, policy enforcement, and input sanitization for the entire VMware MCP skill family. Use when querying audit logs, managing policy rules...

⭐ 0· 172·0 current·0 all-time

by@zw008

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for zw008/vmware-policy.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Vmware Policy" (zw008/vmware-policy) from ClawHub.
Skill page: https://clawhub.ai/zw008/vmware-policy
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: vmware-audit
Config paths to check: ~/.vmware/rules.yaml
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install vmware-policy

ClawHub CLI

Package manager switcher

npx clawhub@latest install vmware-policy

Security Scan

Capability signals

Requires sensitive credentials

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/description match the declared behavior: unified audit logging, policy enforcement, sanitization, and a decorator that wraps other VMware skills. Declared binary (vmware-audit) and config path (~/.vmware/rules.yaml) are consistent with the stated functionality.

ℹ

Instruction Scope

SKILL.md limits actions to local audit DB, rules file, CLI operations, and decorator/sanitizer use. It does detect AI agent presence via common environment variables and writes audit records (timestamp, skill, tool, params, result, user, agent, etc.) to ~/.vmware/audit.db. That is consistent with an audit system but means parameters/results may be logged locally (sensitive_params are redacted if configured). No instructions to transmit data to external endpoints are present.

ℹ

Install Mechanism

The skill is instruction-only (no code files) and references installation via the platform 'uv' (installer: kind: uv, package: vmware-policy) which is a low-risk, registry-style mechanism. Minor inconsistency: registry metadata indicates 'No install spec' while SKILL.md contains an 'installer' block. Nothing points to downloads from untrusted URLs or archive extraction.

ℹ

Credentials

No required credentials are requested. The skill relies on/reads standard env vars for agent detection (CLAUDE_SESSION_ID, OLLAMA_HOST, OPENAI_API_KEY, DEERFLOW_SESSION) and supports VMWARE_POLICY_DISABLED for bypass. This is expected, but because parameters/results are recorded in the audit DB, ensure sensitive parameters are listed in sensitive_params to avoid logging secrets.

ℹ

Persistence & Privilege

always:false and no unusual persistence flags. The skill is intended to be auto-installed as a dependency across the VMware skill family and to wrap many tools; that increases its influence/attack surface if it were malicious, but the skill itself does not request elevated system-wide privileges or modify other skills' configs. Autonomous invocation is allowed (default) which is expected for skills.

Assessment

This skill appears to be what it claims: a local audit and policy library that decorates other VMware skills. Before installing: 1) verify the upstream source (github.com/zw008/VMware-Policy) and inspect the published package if you can; 2) ensure ~/.vmware is restricted (chmod 700) and review ~/.vmware/rules.yaml so rules do not inadvertently permit or block operations you care about; 3) confirm that sensitive parameters are declared via sensitive_params to avoid logging secrets, and audit the DB (~/.vmware/audit.db) contents for sensitive data; 4) note the skill detects agent-related env vars (for logging) and honors VMWARE_POLICY_DISABLED for bypass — treat that env var carefully; 5) resolve the minor metadata inconsistency about the install spec (SKILL.md has an installer block but registry says no install spec) by checking the package manifest before install. Overall coherent, but review logging/configuration and the package source before enabling across many skills.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🛡️ Clawdis

OSmacOS · Linux

Binsvmware-audit

Config~/.vmware/rules.yaml

latestvk9772t5a4kkc84q4v3ev9dv3hs859s7p

172downloads

0stars

4versions

Updated 1w ago

v1.5.14

MIT-0

macOS, Linux

VMware Policy

Disclaimer: This is a community-maintained open-source project and is not affiliated with, endorsed by, or sponsored by VMware, Inc. or Broadcom Inc. "VMware" and "vSphere" are trademarks of Broadcom. Source code is publicly auditable at github.com/zw008/VMware-Policy under the MIT license.

Unified audit logging, policy enforcement, and input sanitization -- the infrastructure layer for the entire VMware MCP skill family.

Infrastructure dependency: All 8 VMware skills depend on vmware-policy. It is auto-installed and provides the @vmware_tool decorator, sanitize(), and the shared audit database. Family: vmware-aiops (VM lifecycle), vmware-monitor (read-only monitoring), vmware-storage (iSCSI/vSAN), vmware-vks (Tanzu Kubernetes), vmware-nsx (NSX networking), vmware-nsx-security (DFW/firewall), vmware-aria (metrics/alerts/capacity), vmware-avi (AVI/ALB/AKO). | vmware-pilot (workflow orchestration)

What This Skill Does

Category	Components	Count
Audit Logging	AuditEngine (SQLite WAL), log rotation, agent detection	3
Policy Engine	deny rules, maintenance windows, change limits, hot-reload	4
Sanitization	`sanitize()` -- prompt injection defense, control char stripping	1
Decorator	`@vmware_tool` -- pre-check + execute + post-log + metadata	1
CLI	`vmware-audit log`, `vmware-audit export`, `vmware-audit stats`	3

Quick Install

uv tool install vmware-policy
vmware-audit stats          # verify installation

vmware-policy is automatically installed as a dependency of all VMware skills. Manual install is only needed for standalone audit querying.

When to Use This Skill

Query the unified audit trail across all VMware skills
View denied operations and policy violations
Check audit statistics (by skill, by status, by time range)
Export audit logs as JSON for external analysis
Configure deny rules, maintenance windows, or change limits
Integrate the @vmware_tool decorator into a new VMware skill

This skill is auto-loaded as a dependency -- you do not need to invoke it directly. It activates when:

Any VMware skill tool function is called (via @vmware_tool decorator)
User asks about audit logs, denied operations, or policy rules
User runs vmware-audit CLI commands

Related Skills -- Skill Routing

User Intent	Recommended Skill
VM lifecycle, deployment, guest ops	vmware-aiops (`uv tool install vmware-aiops`)
Read-only monitoring, zero risk	vmware-monitor (`uv tool install vmware-monitor`)
Storage: iSCSI, vSAN, datastores	vmware-storage (`uv tool install vmware-storage`)
Tanzu Kubernetes (vSphere 8.x+)	vmware-vks (`uv tool install vmware-vks`)
NSX networking: segments, gateways, NAT	vmware-nsx (`uv tool install vmware-nsx-mgmt`)
NSX security: DFW rules, security groups	vmware-nsx-security (`uv tool install vmware-nsx-security`)
Aria Ops: metrics, alerts, capacity	vmware-aria (`uv tool install vmware-aria`)
Load balancer, AVI, ALB, AKO, Ingress	vmware-avi (`uv tool install vmware-avi`)
Multi-step workflows with approval	vmware-pilot
Audit log query, policy rules	vmware-policy -- this skill

Common Workflows

Query Recent Audit Activity

View last 20 audit entries: vmware-audit log --last 20
Filter by skill: vmware-audit log --skill vmware-nsx --last 50
Check denied operations: vmware-audit log --status denied --since 2026-03-28
View aggregate stats: vmware-audit stats --days 7

Set Up Policy Rules for Production

Copy default rules: cp $(python -c "import vmware_policy; print(vmware_policy.__file__.replace('__init__.py','rules_default.yaml'))") ~/.vmware/rules.yaml

Edit ~/.vmware/rules.yaml -- add deny rules for production:

deny:
  - name: no-delete-in-prod
    operations: ["delete_*", "cluster_delete"]
    environments: ["production"]
    reason: "Destructive operations blocked in production"
maintenance_window:
  start: "22:00"
  end: "06:00"

Rules hot-reload automatically -- no restart needed
Verify: vmware-audit log --status denied to see blocked operations

Export Audit Logs for Compliance

Export all logs as JSON: vmware-audit export --format json > audit-export.json
Filter by skill: vmware-audit export --skill vmware-aiops --since 2026-01-01
Import into your SIEM or compliance tool

Usage Mode

Scenario	Recommended	Why
Query audit logs	CLI	`vmware-audit` provides rich table output
Integrate into a skill	Python API	`from vmware_policy import vmware_tool, sanitize`
Automated compliance export	CLI	`vmware-audit export --format json` pipes to any tool

CLI Quick Reference

# View recent audit entries
vmware-audit log --last 20
vmware-audit log --skill vmware-nsx --status denied
vmware-audit log --since 2026-03-28 --tool delete_segment

# Export for compliance
vmware-audit export --format json > audit.json
vmware-audit export --skill vmware-aiops --since 2026-01-01

# Aggregate statistics
vmware-audit stats --days 7
vmware-audit stats --days 30

Full CLI reference: see references/cli-reference.md

Python API

from vmware_policy import vmware_tool, sanitize

# Wrap every MCP tool function
@vmware_tool(risk_level="high", sensitive_params=["password"])
def delete_segment(name: str, env: str = "") -> dict:
    ...

# Sanitize untrusted API responses before returning to LLM
clean_text = sanitize(api_response_text, max_len=500)

MCP Tools (0)

vmware-policy does not expose MCP tools. It is a Python library and CLI consumed by other VMware skills.

Component	Type	Description
`@vmware_tool`	Decorator	Wraps all 156+ MCP tools across 8 skills
`sanitize()`	Function	Prompt injection defense for API responses
`AuditEngine`	Class	SQLite WAL audit logger with rotation
`PolicyEngine`	Class	YAML rule evaluation with hot-reload
`vmware-audit`	CLI	Typer CLI for querying audit trail
`detect_agent()`	Function	Infers calling AI agent from env vars (see below)

Agent Detection (Transparency Note)

The detect_agent() function in audit.py checks the following environment variables to identify which AI agent is calling the tools. This is read-only inspection for audit logging purposes — no credentials are extracted or stored:

Env Var	Detected Agent	Purpose
`CLAUDE_SESSION_ID` or `CLAUDE_CODE`	claude	Claude Code session
`OPENAI_API_KEY` or `CODEX_SESSION`	codex	OpenAI Codex session
`OLLAMA_HOST`	local	Local Ollama model
`DEERFLOW_SESSION`	deerflow	DeerFlow session
(none matched)	unknown	Unrecognized agent

The detected agent name is stored in the agent column of ~/.vmware/audit.db for audit trail purposes only. No API keys or tokens are logged.

Troubleshooting

"Cannot initialize audit DB" warning

The audit database directory ~/.vmware/ must be writable. Create it manually: mkdir -p ~/.vmware && chmod 700 ~/.vmware.

Policy rules not taking effect

Rules are loaded from ~/.vmware/rules.yaml. Verify the file exists and contains valid YAML. The PolicyEngine hot-reloads on file change -- no restart needed.

Audit log growing too large

The AuditEngine automatically rotates at 100MB, keeping the 5 most recent archives. For manual cleanup: ls ~/.vmware/audit.*.db to see archives.

"PolicyDenied" exception in skill

This means a deny rule in ~/.vmware/rules.yaml matched the operation. Check vmware-audit log --status denied to see the rule name and reason. To temporarily bypass: VMWARE_POLICY_DISABLED=1 (still logged as bypassed).

Decorator not detecting skill name

The @vmware_tool decorator infers the skill name from the module path (e.g., vmware_aiops.ops.vm_lifecycle -> aiops). If the module does not follow the vmware_<skill> convention, the skill is logged as "unknown".

SQLite "database is locked" error

Multiple concurrent skill processes can write to the same audit.db via WAL mode. If locks persist beyond 5 seconds, check for zombie processes holding the database file.

Setup

uv tool install vmware-policy
mkdir -p ~/.vmware

vmware-policy is auto-installed as a dependency of all VMware skills. The ~/.vmware/ directory is created automatically on first audit write.

Full setup guide, security details, and integration instructions: see references/setup-guide.md

Security

Source Code: github.com/zw008/VMware-Policy
Config File Contents: ~/.vmware/rules.yaml contains only rule definitions, no credentials
Webhook Data Scope: N/A -- vmware-policy does not send data externally
TLS Verification: N/A -- vmware-policy does not make network connections
Prompt Injection Protection: sanitize() truncates to 500 chars and strips C0/C1 control characters
Least Privilege: Audit database is local-only (~/.vmware/audit.db), no network exposure

License

MIT -- github.com/zw008/VMware-Policy

Comments

Loading comments...