NginxWebUI Manager

Review

Audited by ClawScan on May 10, 2026.

Overview

This is a purpose-aligned NginxWebUI admin skill, but it uses powerful Docker/Nginx access and persists an API token in a workspace .env file.

Before installing, confirm you want the agent to manage live NginxWebUI reverse proxy settings. Provide only the credentials needed, protect the .env file where the token is stored, and review any delete or reload operation before allowing it to run.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent runs the wrong create/delete/reload command, websites or services routed through Nginx could be disrupted.

Why it was flagged

The skill exposes high-impact administrative operations through Docker and the NginxWebUI API. This is aligned with the stated purpose, but misuse could break or change reverse proxy behavior.

Skill content

List/create/delete servers and locations, reload nginx, manage upstreams. All calls through docker exec into the nginxwebui container.

Recommendation

Only approve specific, intended server/location changes and review IDs, hostnames, ports, and reload requests before execution.

What this means

Installing and using the skill gives the agent a path to make admin-level NginxWebUI changes through the local Docker environment.

Why it was flagged

The skill requires privileged local/container access and admin credentials. This is expected for the integration, but it is powerful access that is not reflected in the registry credential/env-var declarations.

Skill content

Requires Docker socket access... Valid NginxWebUI admin credentials with API access enabled

Recommendation

Use the least-privileged NginxWebUI account that can perform the needed task, and run it only in environments where Docker access is appropriate.

What this means

Anyone or any process with access to that .env file may be able to reuse the NginxWebUI API token until it expires or is revoked.

Why it was flagged

The script stores the API token persistently in a workspace .env file. This matches the SKILL.md description, but the token is sensitive and the path is hard-coded.

Skill content

env_file = "/home/node/.openclaw/workspace/liyj/.env" ... content = re.sub(r"NGINXWEBUI_TOKEN=.*", f"NGINXWEBUI_TOKEN={token}", content)

Recommendation

Protect the workspace .env file, avoid sharing it, and rotate or remove the token when access is no longer needed.