← Back to Skills Marketplace
eddygk

Proxmox Ops

by Eddy · GitHub ↗ · v1.2.0 · MIT-0
darwinlinux ⚠ suspicious
749
Downloads
0
Stars
0
Active Installs
8
Versions
Install in OpenClaw
/install proxmox-ops
Description
Ops-focused Proxmox VE management via REST API — monitor, control, provision, and troubleshoot VMs and LXC containers with battle-tested operational patterns...
Usage Guidance
This skill appears to do what it says (Proxmox REST operations) and includes a usable helper script, but review before installing: - The registry metadata does NOT list the three required environment variables (PROXMOX_HOST, PROXMOX_TOKEN_ID, PROXMOX_TOKEN_SECRET) even though SKILL.md and the script require them. Treat that as a red flag: verify credential requirements yourself before trusting any automation. - The helper uses curl -k (disables TLS verification) to accommodate self-signed certs. This weakens transport security; prefer adding the CA or using properly signed certs rather than leaving -k in place for production use. - The provisioning examples include an obvious example password (changeme123). Never use example passwords; ensure provisioning uses secure secrets management and least-privilege API tokens. - The skill expects you to store an API token in ~/.proxmox-credentials (mode 600). That is reasonable, but confirm you create the file yourself and review its contents. Alternatively use ephemeral environment variables in CI/agents. - Because this is instruction-only with an included script, inspect scripts/pve.sh locally and consider running it in a controlled environment first. Verify the GitHub homepage, commit history, and author before integrating into automation. If you intend to deploy this in production automation, require an API token with minimized permissions, replace -k, remove example plaintext passwords, and confirm the registry metadata is corrected to declare required credentials.
Capability Analysis
Type: OpenClaw Skill Name: proxmox-ops Version: 1.2.0 The proxmox-ops skill is a legitimate toolkit for managing Proxmox VE via its REST API. It includes a helper script (scripts/pve.sh) and comprehensive documentation (SKILL.md, provisioning.md) for VM/LXC lifecycle management, snapshots, and resource monitoring. While it utilizes 'curl -k' to bypass TLS verification (documented as a workaround for Proxmox's default self-signed certificates) and manages sensitive API tokens in a local credential file, these actions are transparently disclosed and strictly aligned with the stated operational purpose without evidence of malicious intent or data exfiltration.
Capability Assessment
Purpose & Capability
SKILL.md and scripts clearly require PROXMOX_HOST, PROXMOX_TOKEN_ID, and PROXMOX_TOKEN_SECRET to talk to a Proxmox API; registry metadata lists no required env vars or primary credential. This mismatch is incoherent: a Proxmox management skill legitimately needs those credentials, but the registry entry does not declare them.
Instruction Scope
The instructions and scripts restrict actions to the user-configured Proxmox host and provide clear operation categories (read-only vs reversible vs destructive) and confirmation guidance. They instruct creating ~/.proxmox-credentials (mode 600) or using env vars. Two concerns: the examples include a weak example password ('changeme123') for provisioning, and the curl calls use -k (TLS verification disabled), which weakens transport security for self-signed servers.
Install Mechanism
No install spec — instruction-only skill with an included helper script. Required binaries (curl, jq) are declared and used. Low install risk because nothing is downloaded or installed automatically.
Credentials
The only runtime secrets needed are Proxmox API token and host, which are proportionate to the stated purpose. However, the registry metadata failing to declare these env vars/API token as required is a meaningful omission. Also, instructions recommend persisting the API token in ~/.proxmox-credentials (acceptable if user-managed and file perms are enforced) while curl -k reduces protection of that token in transit for self-signed servers; user should prefer properly-signed certs or securely handle verification.
Persistence & Privilege
always:false and no modifications to other skills/system settings. The skill suggests creating a user-owned credentials file (~/.proxmox-credentials) and reads it — this is expected behavior for convenience and not a privilege escalation.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install proxmox-ops
  3. After installation, invoke the skill by name or use /proxmox-ops
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.0
Rename display name from 'Proxmox Ops Skill' to 'Proxmox Ops'; sync with GitHub latest (commit 823dee2)
v1.1.2
Fix scanner: explicitly declare PROXMOX_HOST, PROXMOX_TOKEN_ID, PROXMOX_TOKEN_SECRET in description for credential coherence
v1.1.1
Add attribution for pve.sh origin (weird-aftertaste/proxmox) and Credits section in README
v1.1.0
Match proven scanner-passing pattern: remove requires.env gate, align description with idrac format, consolidate setup section
v1.0.3
Address all scanner findings: explicit env var declaration, dual credential patterns (file + env), network scope documentation, token rotation guidance, TLS alternatives
v1.0.2
Fix scanner findings: explicit credential lifecycle, least-privilege token guidance, TLS justification
v1.0.1
Add GitHub repo homepage link
v1.0.0
Ops-focused Proxmox VE management with auto node discovery, disk resize + in-guest steps, guest agent IP, vmstate warnings, safety gates, provisioning reference.
Metadata
Slug proxmox-ops
Version 1.2.0
License MIT-0
All-time Installs 1
Active Installs 0
Total Versions 8
Frequently Asked Questions

What is Proxmox Ops?

Ops-focused Proxmox VE management via REST API — monitor, control, provision, and troubleshoot VMs and LXC containers with battle-tested operational patterns... It is an AI Agent Skill for Claude Code / OpenClaw, with 749 downloads so far.

How do I install Proxmox Ops?

Run "/install proxmox-ops" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Proxmox Ops free?

Yes, Proxmox Ops is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Proxmox Ops support?

Proxmox Ops is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux).

Who created Proxmox Ops?

It is built and maintained by Eddy (@eddygk); the current version is v1.2.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 Comments