← 返回 Skills 市场
Proxmox Backup Server Manager
作者
MaikiMolto
· GitHub ↗
· v1.6.0
· MIT-0
97
总下载
0
收藏
0
当前安装
7
版本数
在 OpenClaw 中安装
/install proxmox-backup-server-manager
功能描述
Create and manage Proxmox Backup Server (PBS) backups for VMs and LXC containers. Guided first-time setup including PBS installation, NAS storage, Proxmox ho...
安全使用建议
This skill appears to implement what it claims (managing PBS backups) and includes helper scripts, but pay particular attention to how secrets are handled during setup:
- The setup flow asks you to provide API tokens, PBS passwords, and NAS/SMB credentials. Those values are conveyed through the chat unless you choose to run all commands yourself. Chatting secrets is risky — verify your platform's chat retention policy and avoid sending long-lived credentials if you cannot delete them from logs.
- The skill stores credentials in plain JSON under ~/.openclaw/credentials/pbs-backup.json (the guide recommends chmod 600). That is functional but not encrypted; treat those files like sensitive secrets and store them on a trusted host or use short-lived/limited-scope tokens.
- The instructions tell the agent (or you) to run system-level commands (install packages, edit /etc/fstab, create credential files on remote hosts). Prefer the 'user executes' mode unless you fully trust the agent's ability to perform remote commands and you review each command before it runs.
- Minimize risk by creating a dedicated Proxmox API token with only 'backup' privileges (as documented), use limited accounts for SMB/NFS where possible, and rotate/revoke tokens after setup if you must share them through chat.
- Review the included scripts (backup.py, setup.py) before running. If you want stronger protection, modify the workflow to avoid sending secrets via chat (e.g., run setup locally on a trusted machine or paste secrets directly into the local setup prompt rather than into an agent conversation).
What would change this assessment: explicit encryption of on-disk credentials, avoiding any guidance that encourages pasting secrets into chat, or an implementation that performs secure, ephemeral secret exchange (e.g., out-of-band prompts only on the user's terminal).
功能分析
Type: OpenClaw Skill
Name: proxmox-backup-server-manager
Version: 1.6.0
The skill bundle provides legitimate tools for managing Proxmox Backup Server (PBS) and Proxmox VE backups via the Proxmoxer API. Key files include `scripts/backup.py` for triggering and monitoring backups and `scripts/setup.py` for interactive configuration of hosts and storage. While the skill handles sensitive credentials (API tokens, SMB passwords) and performs high-privilege operations like mounting NAS shares and installing software, these actions are transparently documented in `SKILL.md` and `references/setup-guide.md` as core features. Security trade-offs, such as disabling SSL verification for self-signed certificates, are explicitly mentioned and justified for homelab environments, with no evidence of malicious intent or data exfiltration.
能力标签
能力评估
Purpose & Capability
Name/description align with the included Python scripts and use of proxmoxer. Requiring python3 and proxmoxer is appropriate for Proxmox API operations. Storing config under ~/.openclaw/credentials is consistent with the skill's need to persist host/token information. Minor mismatch: SKILL.md states 'do not store passwords or token secrets in agent memory, logs, or daily notes', yet the workflow persists token_secret and similar credentials to ~/.openclaw/credentials/pbs-backup.json (expected for operation but worth highlighting).
Instruction Scope
The SKILL.md instructs the agent to either run remote setup commands (via SSH) or print commands for the user; the shipped Python scripts do not perform remote SSH themselves and instead expect API tokens or the user to run commands. The instructions explicitly recommend passing secrets (API tokens, PBS root password, SMB credentials) through the chat for setup. That creates a real risk: secrets passed in chat may be retained in chat logs or memory outside of the script, and the skill's text claims they won't be stored which is inconsistent with normal chat storage. The instructions also guide the agent/user to edit /etc/fstab, create credentials files on remote hosts, and run package/install commands — actions that modify system configuration and require care. These behaviors are functionally coherent for setup but expand the agent's scope (remote system changes and secret handling) and should be used only with explicit user approval.
Install Mechanism
No install spec; this is instruction-plus-scripts only. No external downloads or archive extraction are performed by the skill itself. The scripts depend on the proxmoxer Python package and will fail with a clear error if missing (the README and references mention pip install proxmoxer). This is low-risk as long as the user inspects/controls package installation.
Credentials
The skill does not request unrelated environment variables, but it requires sensitive credentials (Proxmox API tokens, PBS root password, SMB credentials) for legitimate function. Those credentials are persisted to ~/.openclaw/credentials/pbs-backup.json (and proxmox.json if imported) in plain JSON (protected by chmod 600 per the docs). The SKILL.md's claim that credentials 'are not stored in agent logs or memory' conflicts with both the practice of storing them on disk and the reality that chat messages (used to pass credentials) are often retained. Users should be aware secrets will be stored on disk in plaintext JSON and are transmitted via chat during setup unless they run commands locally themselves.
Persistence & Privilege
always:false and no system-wide install hooks are present. The skill writes/reads files only under ~/.openclaw/credentials which is within its own scope. It does not request to modify other skills or system-wide OpenClaw settings. Autonomous invocation is allowed (default) but not combined with other high privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install proxmox-backup-server-manager - 安装完成后,直接呼叫该 Skill 的名称或使用
/proxmox-backup-server-manager触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.6.0
**Changelog for version 1.6.0:**
- Added explicit version field to SKILL.md.
- Updated ClawHub feedback link to new URL and reworded feedback section for clarity.
- Clarified that after a successful first backup the feedback prompt should only be mentioned once.
- No changes to functionality or requirements; documentation only.
v1.5.0
Setup auto-discovers all VMs/CTs from Proxmox API instead of manual registration
v1.4.0
Multiple targets: ask before backing up all instead of running immediately
v1.3.0
Setup auto-discovers all VMs/CTs on all hosts — user picks targets from a list instead of typing VMIDs manually
v1.2.0
No VMID = back up all targets sequentially instead of asking
v1.1.1
Added security notes explaining why scanners flag this skill
v1.1.0
Renamed from pbs-backup to proxmox-backup-server-manager for better discoverability
元数据
常见问题
Proxmox Backup Server Manager 是什么?
Create and manage Proxmox Backup Server (PBS) backups for VMs and LXC containers. Guided first-time setup including PBS installation, NAS storage, Proxmox ho... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 97 次。
如何安装 Proxmox Backup Server Manager?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install proxmox-backup-server-manager」即可一键安装,无需额外配置。
Proxmox Backup Server Manager 是免费的吗?
是的,Proxmox Backup Server Manager 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Proxmox Backup Server Manager 支持哪些平台?
Proxmox Backup Server Manager 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Proxmox Backup Server Manager?
由 MaikiMolto(@maikimolto)开发并维护,当前版本 v1.6.0。
推荐 Skills