← Back to Skills Marketplace
leventsoft

Portainer

by Leventsoft · GitHub ↗ · v0.1.1
cross-platform ⚠ suspicious
1350
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install portainer-skill-openclaw
Description
Comprehensive management for Portainer CE environments and stacks. Supports listing environments, managing Docker Compose/Swarm stacks, and executing raw Docker commands via proxy. Use when the user needs to deploy apps, check container status, or manage networks within Portainer. Requires a Portainer API Key configured in OpenClaw.
Usage Guidance
Key things to check before installing: - Do not install on production until you verify the credential handling. The Python script expects PORTAINER_API_TOKEN and PORTAINER_API_URL environment variables, but the registry metadata lists none and SKILL.md tells you to set OpenClaw config keys—confirm how your OpenClaw instance maps config keys to environment variables. - Treat the Portainer API token as highly sensitive. Create a token with the minimum privileges required (prefer read-only where possible) and avoid using a full admin token unless absolutely necessary. - Review and test the included scripts in an isolated environment first. The skill proxies arbitrary Docker API calls (can start/stop containers, read files, etc.) and also disables TLS verification (verify=False), which weakens transport security. - Ask the publisher or maintainer to fix packaging inconsistencies: package.json lists Python libraries as Node deps (likely incorrect) and metadata should declare the required credential(s) explicitly (primaryEnv or requires.env). Also request that TLS verification be optional (not disabled by default) and that the code documents where OpenClaw will source the token. - If you can’t verify these issues, avoid granting a real Portainer token. Instead, test using a throwaway Portainer instance with no access to critical hosts/data. Confidence: high that these inconsistencies are real and should be resolved before trusting the skill.
Capability Analysis
Type: OpenClaw Skill Name: portainer-skill-openclaw Version: 0.1.1 The skill is classified as suspicious due to two main reasons found in `scripts/portainer_manager.py`. First, all HTTP requests to the Portainer API disable SSL certificate verification (`verify=False`), making the communication vulnerable to Man-in-the-Middle attacks and potentially exposing the Portainer API key and sensitive commands. Second, the `execute_docker_command` function allows the OpenClaw agent to proxy arbitrary Docker API requests through Portainer, granting extremely broad control over the underlying Docker environment, which is a high-risk capability that could lead to system compromise if exploited.
Capability Assessment
Purpose & Capability
The code and SKILL.md implement Portainer management and raw Docker proxying (consistent with the name/description). However the registry metadata lists no required credentials whereas the runtime code requires PORTAINER_API_TOKEN (and optionally PORTAINER_API_URL). The SKILL.md instructs users to set OpenClaw config keys (portainer.apiKey / portainer.url) but the Python script reads environment variables named PORTAINER_API_TOKEN and PORTAINER_API_URL, creating a mismatch that could lead to silent failures or accidental exposure of secrets.
Instruction Scope
The SKILL.md and README limit operations to Portainer API calls (listing environments, stacks, executing proxied Docker API calls). That scope matches the code. However execute_docker_command proxies arbitrary Docker API paths and inspect_stack pulls stack file contents—both operations can expose secrets or perform powerful changes to hosts/containers. The skill also disables TLS verification (verify=False) and suppresses cert warnings, increasing risk when connecting to remote Portainer instances.
Install Mechanism
There is no formal install spec (instruction-only), but a Python script is included and README instructs installing Python and pip packages. The package.json incorrectly lists Python libraries ('requests', 'urllib3') as Node dependencies, suggesting sloppy packaging and raising doubt about how the skill will be installed/executed in OpenClaw. No downloads from unknown URLs were found, but the mismatch indicates the packaging/installation story is inconsistent and should be clarified.
Credentials
The skill requires a Portainer API token at runtime (PORTAINER_API_TOKEN) and can optionally use a custom PORTAINER_API_URL. The registry metadata lists no required env vars or primary credential, and SKILL.md instructs setting OpenClaw config keys instead of environment variables—this is an incoherence. The token grants high privileges over Docker via Portainer; requesting that secret is proportionate to the feature set but should be explicitly declared in metadata and the README, and the user should be warned to use a minimally-privileged token.
Persistence & Privilege
The skill does not request always:true and doesn't claim to modify other skills or system-wide configuration. It runs as an invoked script (entrypoint) and does not attempt to persist or escalate privileges beyond using the provided Portainer token and URL.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install portainer-skill-openclaw
  3. After installation, invoke the skill by name or use /portainer-skill-openclaw
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.1
Initial release of portainer-skill-openclaw. - Added core functionality to manage Portainer CE environments and stacks. - Introduced scripts/portainer_manager.py for API interactions. - Provided setup instructions and API key configuration in README.md. - Published package metadata with package.json.
v0.1.0
Portainer Manager initial release — manage your Docker infrastructure via Portainer CE API. - List and inspect Portainer environments (endpoints) and stacks. - Deploy, remove, and inspect Docker Compose/Swarm stacks. - Execute raw Docker API commands through the Portainer proxy. - Requires a Portainer API Key set in OpenClaw configuration.
Metadata
Slug portainer-skill-openclaw
Version 0.1.1
License
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is Portainer?

Comprehensive management for Portainer CE environments and stacks. Supports listing environments, managing Docker Compose/Swarm stacks, and executing raw Docker commands via proxy. Use when the user needs to deploy apps, check container status, or manage networks within Portainer. Requires a Portainer API Key configured in OpenClaw. It is an AI Agent Skill for Claude Code / OpenClaw, with 1350 downloads so far.

How do I install Portainer?

Run "/install portainer-skill-openclaw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Portainer free?

Yes, Portainer is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Portainer support?

Portainer is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Portainer?

It is built and maintained by Leventsoft (@leventsoft); the current version is v0.1.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments