Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Vmware Vks

v1.5.11

Use this skill whenever the user needs to manage vSphere Kubernetes Service (VKS) — Supervisor clusters, vSphere Namespaces, and TKC cluster lifecycle. Direc...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Pending
OpenClaw: Suspicious (high confidence)
Purpose & Capability
Name, description, required binary (vmware-vks), required config paths (~/.vmware-vks/config.yaml, ~/.vmware-vks/.env) and declared env (VMWARE_VKS_CONFIG) are coherent with a vSphere VKS management tool. One notable deviation: the skill (via its vmware-policy dependency) writes an audit DB to ~/.vmware/audit.db, which is outside the declared ~/.vmware-vks paths and is not listed in required config paths—this cross-directory persistence is plausible for a shared audit facility but should be called out.
Instruction Scope
SKILL.md instructions stay within the task (calling vmware-vks CLI, reading config.yaml/.env). However the guide recommends putting per-target passwords into other configuration locations (example shows putting a password into ~/.claude/settings.json's env block) and shows the skill returning 'Harbor admin credentials' via get_harbor_info. Those suggestions increase the chance of credential exposure. The skill also documents support for verify_ssl: false (useful for self-signed certs but increases MITM risk if used broadly).
Install Mechanism
This registry entry is instruction-only and declares no install spec, but the skill requires the vmware-vks binary. SKILL.md recommends installing from PyPI/GitHub/ClawHub (uv tool, pip, npx), which is reasonable, but the absence of an install spec in the registry is an operational mismatch: the agent cannot auto-install the required binary. Installing from external package sources (PyPI/GitHub) is normal but the user should pin versions and vet the upstream project before installing.
Credentials
The declared primary credential (VMWARE_VKS_CONFIG) and per-target VMWARE_<TARGET>_PASSWORD env pattern are appropriate for a vCenter-managing CLI which needs host/user/password information. That said, the skill and docs encourage storing passwords in config files or env blocks (including examples that put passwords into other JSON config files), and the capability to return Harbor admin credentials means the tool can surface privileged secrets — users must ensure these outputs are only given to trusted principals.
Persistence & Privilege
always is false (normal). The skill relies on vmware-policy which records write operations to ~/.vmware/audit.db (a shared location outside ~/.vmware-vks). This creates a persistent artifact the user should be aware of (ownership, permissions, retention). The MCP example shows editing ~/.claude/settings.json to add an mcpServers entry with env values — that example would put secrets into another config file if followed, but the skill itself does not force always:true or autonomously modify other skills' configs.
What to consider before installing
Before installing:

1) Verify the upstream repository (https://github.com/zw008/VMware-VKS) and pin a known-good release when installing from PyPI/GitHub.
2) Understand that this registry entry is instruction-only and will not auto-install the vmware-vks binary; you must install it manually from a trusted source.
3) Store per-target passwords securely (the docs recommend ~/.vmware-vks/.env with chmod 600); avoid placing secrets into other tool config files (e.g., ~/.claude/settings.json) as shown in examples.
4) Be aware get_harbor_info can return admin credentials and vmware-policy writes an audit DB to ~/.vmware/audit.db; review that file's location, ownership, and retention policy.
5) Prefer verify_ssl: true where possible; only use verify_ssl: false in controlled environments.
6) If you rely on agent automation, limit agent permissions and review audit logs regularly.

If any of these behaviors are unacceptable, do not install or run the skill until the upstream project or skill author clarifies/changes them.


Runtime requirements

☸️ Clawdis
OS: macOS · Linux
Bins: vmware-vks
Env: VMWARE_VKS_CONFIG
Config: ~/.vmware-vks/config.yaml, ~/.vmware-vks/.env
Primary env: VMWARE_VKS_CONFIG
