Vmware Harden
PassAudited by VirusTotal on May 8, 2026.
Overview
Type: OpenClaw Skill Name: vmware-harden Version: 1.5.22 The vmware-harden skill is a compliance auditing and drift detection tool for VMware environments. It implements a modular security architecture that separates data collection (delegated to vmware-aiops) and remediation execution (delegated to vmware-pilot), ensuring its own MCP tools remain read-only relative to the managed infrastructure. The documentation (SKILL.md, setup-guide.md) demonstrates security-conscious design through evidence sanitization, audit logging via vmware-policy, and clear boundaries for LLM-driven remediation advice.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
You would be trusting an externally installed CLI/MCP package to handle VMware compliance data.
The runnable binary is external to the reviewed artifact set, so the static scan could not inspect the package implementation that will perform scans.
Source: unknown; Homepage: none ... Required binaries (all must exist): vmware-harden ... No code files present — this is an instruction-only skill.
Install only from a trusted package/source, verify the claimed GitHub/PyPI provenance, and pin or control the package version in managed environments.
A scan can read inventory, settings, and security posture from VMware/NSX environments reachable by the upstream skills.
The skill relies on existing credentialed VMware/NSX collector configurations, which is expected for this purpose but still grants access to sensitive infrastructure information.
`vmware-harden` itself **never** opens a vSphere or NSX session — it reuses the collectors and credentials owned by the upstream skills ... All vSphere / NSX authentication lives in the upstream skills (`~/.vmware-aiops/.env`, `~/.vmware-nsx-security/.env`, etc.)
Use least-privilege read-only upstream accounts where possible and confirm the selected target name before scanning production environments.
Repeated or accidental scans could create load on vCenter/NSX collectors and update the local compliance database.
The scan tool is read-only to VMware resources, but it can trigger live API collection and local writes from within an agent workflow.
`scan_target` ... performs heavy network I/O ... walks the upstream `vmware-aiops` collectors against the live vCenter / NSX ... Agents should not call this in tight loops
Run scans only for user-approved targets and baselines, avoid automatic retry loops, and use cached `list_violations`/reports for follow-up questions.
The local DuckDB may reveal infrastructure configuration, violations, drift history, and suggested fixes if exposed.
Compliance evidence and remediation suggestions are persisted locally and can be reused by later commands or agent sessions.
`~/.vmware-harden/twin.duckdb` | Twin store: snapshots, violations, drift, suggestions | First `scan`
Protect `~/.vmware-harden/` with appropriate file permissions, avoid sharing the database unintentionally, and review retention practices.
Security posture details from violations may leave the local environment during advice generation.
When enabled, remediation advice can involve sending structured compliance evidence to an external LLM provider.
Optional: `ANTHROPIC_API_KEY` if you want real LLM advice ... No outbound network calls beyond ... Optional `api.anthropic.com` calls when `ANTHROPIC_API_KEY` is set and the user invokes `advise`.
Do not set `ANTHROPIC_API_KEY` or run `advise` on sensitive findings unless external LLM processing is allowed by your organization.
Following the remediation workflow can lead to host or firewall changes performed by other skills.
The cross-skill documentation shows that findings can feed into remediation workflows through vmware-pilot and sibling skills, which can affect live infrastructure after approval.
`vmware-harden apply --violation-id <vid>` ... pilot creates a Workflow ... invokes `vmware-aiops` MCP tool ... `vmware-aiops applies the change`
Keep remediation execution separated from scanning, require human approval, and review the generated execution plan before allowing vmware-pilot or sibling skills to apply changes.