kubevpn
v2.9.14
KubeVPN is a cloud-native dev tool to connect local machine to Kubernetes cluster networks. Use this skill when the user mentions: kubevpn, KubeVPN, or any o...
by naison @wencaiwulue
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (connect/proxy/run/sync to Kubernetes clusters) matches the instructions: the SKILL.md explains VPN tunnels, sidecar injection, image transfer, and local Docker pod simulation. The features being requested (kubeconfig, SSH bastion usage, helm/kubectl/docker interactions) are coherent with this purpose.
Instruction Scope
Instructions describe actions that require cluster and local host privileges (deploying a traffic-manager, injecting sidecars, altering iptables, creating tun interfaces, attaching Docker containers to cluster network). These actions are expected for the stated functionality, but they are powerful and can modify cluster workloads and local networking. The docs reference local files (~/.kube/config, ~/.ssh/*, ~/.kubevpn/config.yaml) and remote config URLs; those are relevant to operation but should be treated as sensitive.
Install Mechanism
The skill itself is instruction-only (no install spec). The docs recommend installing from brew, krew, scoop or via curl -fsSL https://kubevpn.dev/install.sh | sh and a Helm repo (https://kubevpn.dev/helm). Pointing to an official domain is normal, but piping a remote install script (curl | sh) and relying on a remote Helm repo are higher-risk practices — verify the upstream project, release signatures, or review the install script before running.
Credentials
The skill declares no required env vars, which is consistent for an instruction-only skill, but the workflows rely on sensitive local credentials/files: kubeconfig content (which contains cluster credentials), SSH private keys (~/.ssh/id_rsa), and optional inline kubeconfig JSON or remote config URLs. These are appropriate for the tool's purpose but are high-sensitivity and should not be supplied to untrusted code or actors.
Persistence & Privilege
The skill does not request 'always:true' or permanent elevated platform privileges. However, the documented operations themselves require cluster-level and host-level privileges (deployment of server components, sidecar injection, privileged Docker containers by default). Those privileges are consistent with the tool's goals but increase risk if misused.
Assessment
This skill is coherent with its stated goal (bridging your machine to Kubernetes networks), but it performs high-privilege actions and references sensitive local credentials and remote installers. Before using or running any commands from this skill:
(1) verify the upstream project (GitHub repo, official release artifacts, and Helm chart) and prefer signed releases;
(2) review any install script (don’t blindly run curl | sh);
(3) do not hand your kubeconfig or SSH private keys to untrusted processes — only use local kubeconfig/keys with tools you trust;
(4) be aware that proxy/run/sync injects or modifies cluster workloads (may disrupt production);
(5) note that local containers default to privileged=true and the tool can change iptables and create tun devices — test in a staging environment first;
(6) avoid using remote config URLs or inline kubeconfig JSON from unknown sources.
If you want higher confidence, provide the upstream repo URL, package release checksums/signatures, or the installer script for review.
Like a lobster shell, security has layers — review code before you run it.
