← 返回 Skills 市场

Veeam MCP

Name: Veeam MCP
Author: jgm2025

作者 JGM2025 · GitHub ↗ · v1.0.3

cross-platform ⚠ suspicious

1814

总下载

当前安装

版本数

在 OpenClaw 中安装

/install veeam-mcp

功能描述

Query Veeam Backup & Replication and Veeam ONE via MCP server running in Docker. Provides intelligent backup monitoring, job analysis, capacity planning, and infrastructure health checks.

安全使用建议

Before installing or running this skill: - Be aware the registry metadata is incomplete: the scripts require Docker and jq and a credentials file at ~/.veeam-mcp-creds.json (create from the provided template). The skill will not work until those are present. - The skill relies on a Veeam MCP Docker image you must obtain/build. Only use an image/package from Veeam or another trusted vendor; verify release sources and checksums before building/running the container. - The skill needs admin credentials for your Veeam servers. Prefer a least-privilege service account where possible; protect ~/.veeam-mcp-creds.json (chmod 600) and avoid storing long-lived full-admin credentials unless necessary. - Passing credentials into docker via -e exposes them to the container environment (and to docker inspect while the container runs). Consider running containers in a restricted network, inspect the image contents before use, and avoid running on hosts where untrusted users can inspect Docker state. - The SKILL.md asserts 'no credentials exposed in logs or command history' — that depends on how you run commands (avoid echoing sensitive files/commands into shells that are logged). - Because the skill's source/homepage are not provided in the registry metadata, verify the repository or package origin (GitHub repo, vendor page, or direct Veeam distribution) before trusting the MCP image. If you need, I can list the exact places the metadata and SKILL.md diverge and suggest minimal metadata updates (required binaries and config path) or produce a checklist to safely validate the MCP Docker image before use.

功能分析

Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill Suspicious High-Entropy/Eval files: 4 The skill is classified as suspicious due to its handling of highly sensitive Veeam administrator credentials. These credentials (URL, username, password) are read from a local file (`~/.veeam-mcp-creds.json`) and then passed directly as environment variables to `docker run` commands for the `veeam-intelligence-mcp-server` container in `scripts/list-tools.sh`, `scripts/query-veeam.sh`, `scripts/start-mcp.sh`, and `scripts/test-connection.sh`. While this is a common Docker pattern, it exposes credentials to the container's environment and potentially to other processes on the host during execution. Additionally, the skill relies on a user-sourced, beta `veeam-intelligence-mcp-server` Docker image, whose internal behavior is outside the control of this skill bundle, introducing a supply chain risk. There is no evidence of prompt injection against the OpenClaw agent or other malicious intent within the provided files.

能力评估

⚠ Purpose & Capability

The skill claims to be an instruction-only wrapper around a locally-run Veeam MCP Docker server, which is consistent with the files. However the registry metadata declares no required config paths or binaries, while the SKILL.md and scripts clearly require Docker, jq, and a credentials file at ~/.veeam-mcp-creds.json. The metadata omission is an incoherence that could mislead users about what the skill needs.

ℹ Instruction Scope

Runtime instructions and scripts operate within the stated scope: they read a local credentials file, build/run a Docker MCP server, and send JSON-RPC requests to Veeam. They do pass admin credentials into the Docker container via environment variables and instruct users to cat or jq the credentials file for troubleshooting; the SKILL.md also asserts 'No credentials exposed in logs or command history' which depends on how the user runs commands and on the image behavior. There are no obvious instructions to exfiltrate data to third-party endpoints, but the runtime depends on the MCP Docker image — its behavior must be trusted/verified.

✓ Install Mechanism

There is no automated install spec in the skill bundle (instruction-only plus helper scripts), so nothing arbitrary is downloaded or extracted by the skill itself. The higher-risk element is that the skill requires a separate MCP Docker image (user-obtained or built from a package). The skill does not provide or fetch that image, so install risk is limited to user decisions about the image source.

ℹ Credentials

The skill does not request unrelated credentials, but it requires privileged admin credentials for Veeam B&R and/or Veeam ONE (stored in a local JSON file). That is proportionate to the stated functionality, but these are high-privilege secrets and the skill's metadata does not declare that a config path is required. Also the scripts assume jq and Docker are available but these binaries are not listed in the registry metadata.

✓ Persistence & Privilege

The skill is not marked always:true and does not request elevated platform privileges. It instructs users to create a credentials file in the user's home directory and run short-lived Docker containers (with --rm). This level of persistence and privilege is typical for CLI wrapper skills and is proportionate to the purpose.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install veeam-mcp
安装完成后，直接呼叫该 Skill 的名称或使用 /veeam-mcp 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.3

Testing publication with correct author

v1.0.2

Fixed publication - added explicit slug

v1.0.1

- Updated instructions for obtaining the Veeam Intelligence MCP server: clarified that the MCP server is in beta and now requires users to contact Veeam or use official channels to obtain access. - Removed direct download and GitHub clone steps in favor of a generalized build process after MCP server acquisition. - Adjusted README and documentation links to reflect the new process for accessing the MCP server. - No changes to core skill behavior or configuration.

v1.0.0

Initial release of the veeam-mcp skill. - Query Veeam Backup & Replication and Veeam ONE through an MCP server running in Docker. - Provides intelligent backup job monitoring, repository capacity checks, alert analysis, and infrastructure health reporting via natural language commands. - Supports both Veeam Backup & Replication and Veeam ONE APIs, including advanced AI-powered queries with Veeam Intelligence enabled. - Includes setup and configuration instructions, credential file format guidelines, and troubleshooting steps. - Offers command-line scripts for direct Veeam queries and infrastructure tests. - Ensures credential security and provides clear requirements for usage.

元数据

Slug veeam-mcp

版本 1.0.3

许可证 —

累计安装 2

当前安装数 2

历史版本数 4

常见问题

Veeam MCP 是什么？

Query Veeam Backup & Replication and Veeam ONE via MCP server running in Docker. Provides intelligent backup monitoring, job analysis, capacity planning, and infrastructure health checks. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 1814 次。

如何安装 Veeam MCP？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install veeam-mcp」即可一键安装，无需额外配置。

Veeam MCP 是免费的吗？

是的，Veeam MCP 完全免费（开源免费），可自由下载、安装和使用。

Veeam MCP 支持哪些平台？

Veeam MCP 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Veeam MCP？

由 JGM2025（@jgm2025）开发并维护，当前版本 v1.0.3。