← Back to Skills Marketplace
126
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install ssl-certificate-manager
Description
Automate SSL certificate generation and management with DNS challenge validation and certificate provisioning.
Usage Guidance
This skill appears to describe a certificate-management API but omits critical operational details. Before installing or using it: 1) Ask the publisher for the API base URL and authentication method — do not assume requests are to a trusted host. 2) Confirm how private keys are handled: never fetch or store private.key into shared agent logs or third-party endpoints; require secure, private storage and transport (HTTPS, access controls). 3) Verify the provider's identity and reputation (homepage, documentation, TLS certs for the API host). 4) Prefer skills that explicitly declare required credentials (API key or OAuth) and include a servers field in openapi.json. 5) If uncertain, avoid using the download endpoint through the agent; manage private keys via your own infrastructure or vetted tooling. These gaps could be benign (incomplete docs or a local-only stub) but also could mask misuse — proceed only after clarifying the missing pieces.
Capability Analysis
Type: OpenClaw Skill
Name: ssl-certificate-manager
Version: 1.0.0
The skill facilitates SSL certificate management via the api.mkkpro.com service but is classified as suspicious due to high-risk security practices. Specifically, the service generates and stores private keys on its own servers rather than using local CSR generation, allowing them to be retrieved via the /download/{cert_name}/private.key endpoint as documented in SKILL.md and openapi.json. This architectural vulnerability exposes sensitive credentials to a third party, which is a significant security risk, although the behavior appears aligned with the tool's stated purpose and lacks clear evidence of intentional malice.
Capability Assessment
Purpose & Capability
Name and description match the provided endpoints (dns-challenge, generate-certificate, debug, download). However, a real certificate management API normally requires explicit authentication, a base URL/server, and integration details for DNS or DNS-provider APIs; none are declared. The absence of required credentials or configuration is unexpected for this capability but could be a minimal or local-only stub.
Instruction Scope
SKILL.md instructs calling endpoints that can issue certificates and download private keys, but it does not (a) specify the API base URL or auth method, (b) provide secure handling guidance for private keys, or (c) limit where downloaded keys should be stored or transmitted. The instructions are otherwise limited to HTTP API use and DNS TXT record guidance; they do not request reading local files or unrelated system data.
Install Mechanism
This is an instruction-only skill with no install spec and no code to write to disk, which is low-risk from an installation standpoint.
Credentials
The skill declares no required environment variables or credentials. That is unusual for a certificate provisioning API that issues private keys and certificates — typically some form of auth (API key, token) or DNS-provider credentials would be required. The lack of declared secrets or auth is an unexplained omission and increases the chance the skill is incomplete or misdocumented.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not declare permissions to modify other skills or system settings. Agent autonomy is enabled by default (not a unique risk here).
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ssl-certificate-manager - After installation, invoke the skill by name or use
/ssl-certificate-manager - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of Simple SSL Certificate Manager.
- Provides a streamlined API to automate SSL/TLS certificate lifecycle management with DNS challenge validation.
- Supports endpoints for DNS challenge creation, certificate generation, certificate download, DNS debugging, health checks, and API info.
- Enables flexible workflows for both staging and production environments.
- Suitable for organizations automating certificate renewals and managing multiple domains.
- Includes sample requests, responses, and plan-based pricing structure.
Metadata
Frequently Asked Questions
What is SSL Certificate Manager?
Automate SSL certificate generation and management with DNS challenge validation and certificate provisioning. It is an AI Agent Skill for Claude Code / OpenClaw, with 126 downloads so far.
How do I install SSL Certificate Manager?
Run "/install ssl-certificate-manager" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is SSL Certificate Manager free?
Yes, SSL Certificate Manager is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does SSL Certificate Manager support?
SSL Certificate Manager is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created SSL Certificate Manager?
It is built and maintained by ToolWeb (@krishnakumarmahadevan-cmd); the current version is v1.0.0.
More Skills