Homelab Ai

Review

Audited by ClawScan on May 10, 2026.

Overview

This is a coherent local AI cluster setup, but it installs external packages and opens an automatically discovered local/LAN AI service that should only be used on trusted machines and networks.

Before installing, verify the upstream package source, run it only on trusted machines, and ensure your firewall or router prevents untrusted devices from accessing the homelab AI endpoint. Avoid sending sensitive prompts or audio until you understand which nodes can join and what the local logs contain.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Prompts, audio files, embeddings requests, and dashboard/fleet metadata may move through the local router and nodes; other devices on the same network could potentially interact with the service if it is reachable.

Why it was flagged

The cluster relies on automatic local-network discovery and an OpenAI-compatible endpoint that the example treats as not needing an API key. This is expected for the stated zero-config home-lab purpose, but the visible artifact does not describe authentication, node identity checks, or network access limits.

Skill content

Home lab devices discover each other automatically on your local network. No IP addresses, no config files ... api_key="not-needed" ... http://homelab-router:11435/v1

Recommendation

Run it only on a trusted LAN, use host firewalls or bind settings where available, and verify which machines are allowed to join the fleet before sending sensitive prompts or files.

What this means

Installing these packages runs code outside the reviewed artifact set, so package provenance and version changes matter.

Why it was flagged

The skill is instruction-only and tells the user to install external packages from package managers; those commands are central to the purpose, but the artifact does not pin versions or include code for review.

Skill content

pip install ollama-herd ... uv tool install mflux ... uv tool install diffusionkit

Recommendation

Install from the expected upstream project, consider pinning versions, and review the package/project before running it on multiple machines.

What this means

Local logs may contain operational details about requests, devices, or usage patterns.

Why it was flagged

The artifact discloses local operational storage for latency/log data and dashboard trends. This appears purpose-aligned, but the visible text does not specify exactly what is written to the JSONL log or retention controls.

Skill content

configPaths":["~/.fleet-manager/latency.db","~/.fleet-manager/logs/herd.jsonl"] ... Trends — home lab requests per hour, latency, token throughput over 24h-7d

Recommendation

Check the log contents and retention behavior, especially if using the cluster for private prompts, audio, or team/shared-machine workflows.