← 返回 Skills 市场
1935
总下载
1
收藏
4
当前安装
1
版本数
在 OpenClaw 中安装
/install nomad
功能描述
Query HashiCorp Nomad clusters. List jobs, nodes, allocations, evaluations, and services. Read-only operations for monitoring and troubleshooting.
安全使用建议
This skill appears to do what it says (read-only Nomad queries), but there are important mismatches and sensitive-data risks to consider before installing:
- Metadata mismatch: The SKILL.md requires NOMAD_ADDR and (optionally) NOMAD_TOKEN and TLS cert/key paths, but the registry metadata lists no required environment variables. Ask the publisher to update metadata to declare these requirements so you know what the skill will need.
- Sensitive access: If you provide NOMAD_TOKEN or client certs, the skill (when invoked) can read variables and allocation logs that may contain secrets or private data. Only supply a token with the minimal scope (read-only, least privilege) and consider using a token limited to specific namespaces/paths.
- Helper tools: Example commands use jq and grep and shell substitution; ensure the runtime environment has those tools and that command examples are safe for your use. The registry should list jq if it's required by common patterns.
- Deployment considerations: Run this skill only in a trusted context that can access the Nomad API (NOMAD_ADDR). If you don't want the agent to reach your cluster, do not set NOMAD_ADDR/NOMAD_TOKEN in environments where the agent can access external networks.
If you need higher assurance, request from the publisher an updated SKILL.md/registry metadata that explicitly lists required binaries and env vars, documents the exact minimal token scopes needed for safe operation, and clarifies whether any example commands (e.g., log retrieval) could expose secrets. If those issues are addressed, the skill is reasonable for monitoring use; until then, treat it with caution.
功能分析
Type: OpenClaw Skill
Name: nomad
Version: 1.0.0
The skill bundle is benign. It provides instructions for querying HashiCorp Nomad clusters using the `nomad` CLI, exclusively focusing on read-only operations like listing jobs, nodes, allocations, and services. The `SKILL.md` explicitly states that the skill is read-only and contains no commands for job submissions or modifications. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, prompt injection attempts against the agent, or obfuscation within the provided files.
能力评估
Purpose & Capability
The name/description match the runtime instructions: the SKILL.md only shows read-only nomad CLI commands (jobs, nodes, allocs, evals, services, variables, logs). However the registry metadata lists no required env vars while the SKILL.md explicitly requires NOMAD_ADDR and optionally NOMAD_TOKEN, plus TLS cert/key paths — an inconsistency that should be resolved.
Instruction Scope
The SKILL.md instructs the agent to run nomad CLI commands that can return sensitive data (nomad var get, alloc logs). It also uses shell pipelines and tools not declared in metadata (examples use jq and grep, command substitution). The instructions do not overreach beyond Nomad, but they do allow reading secrets and logs if the environment or token permits.
Install Mechanism
There is no install spec and no code files — instruction-only. That minimizes disk-write risk. It does require the 'nomad' binary to be present, which is consistent with an instruction-only CLI wrapper.
Credentials
The SKILL.md lists several environment variables (NOMAD_ADDR, NOMAD_TOKEN, NOMAD_NAMESPACE, NOMAD_REGION, NOMAD_CACERT, NOMAD_CLIENT_CERT, NOMAD_CLIENT_KEY) yet registry metadata declares no required env vars or primary credential. Requesting NOMAD_TOKEN (or client cert/key paths) is reasonable for accessing a protected Nomad cluster, but these are sensitive credentials; the skill should declare them explicitly and justify each. Also the skill can access Nomad variables which may contain secrets.
Persistence & Privilege
The skill does not request permanent/always-on presence and defaults are normal (always: false, agent invocation allowed). It does not attempt to modify other skills or system-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install nomad - 安装完成后,直接呼叫该 Skill 的名称或使用
/nomad触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release — provides read-only monitoring and troubleshooting commands for HashiCorp Nomad clusters.
- Query jobs, allocations, nodes, evaluations, services, and variables using the Nomad CLI.
- All commands support monitoring scenarios (status, logs, history, listing).
- Supports JSON output and expression-based filtering.
- Emphasizes read-only usage; job or cluster modifications are not included.
- Documents required environment variables and common usage patterns.
元数据
常见问题
Nomad 是什么?
Query HashiCorp Nomad clusters. List jobs, nodes, allocations, evaluations, and services. Read-only operations for monitoring and troubleshooting. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1935 次。
如何安装 Nomad?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install nomad」即可一键安装,无需额外配置。
Nomad 是免费的吗?
是的,Nomad 完全免费(开源免费),可自由下载、安装和使用。
Nomad 支持哪些平台?
Nomad 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Nomad?
由 danfedick(@danfedick)开发并维护,当前版本 v1.0.0。
推荐 Skills