← 返回 Skills 市场
399
总下载
0
收藏
0
当前安装
20
版本数
在 OpenClaw 中安装
/install vmware-avi
功能描述
Use this skill whenever the user mentions load balancing, ingress, virtual services, pool members, AVI, NSX ALB, AKO, or application delivery. Also trigger w...
安全使用建议
This skill appears to do what it claims, but it requires access to sensitive local files: ~/.vmware-avi/config.yaml, ~/.vmware-avi/.env (controller passwords) and optionally your kubeconfig. Only install/run if you trust the vmware-avi package source (the README points to github.com/zw008/VMware-AVI). Before installing or enabling: (1) review the upstream repo and its release artifacts, (2) confirm the 'uv' package name maps to the expected project, (3) keep .env permissions to 600 and avoid committing it to source control, and (4) be cautious adding the MCP server to multi-tenant/shared agent setups because that integration will allow the agent process to read the same config/.env/kubeconfig. Note: there is a small metadata inconsistency about whether an installer is declared in the registry vs SKILL.md — verify the installer command you intend to run.
功能分析
Type: OpenClaw Skill
Name: vmware-avi
Version: 1.5.15
The skill bundle provides extensive administrative control over VMware AVI load balancers and Kubernetes AKO deployments, including high-risk capabilities such as disabling virtual services (vs_toggle), restarting pods (ako_restart), and modifying Helm configurations (ako_config_upgrade). While these actions are aligned with the stated purpose and include safety features like audit logging via vmware-policy and double-confirmation prompts, the broad access to network resources, shell execution (kubectl/helm), and sensitive credentials in ~/.vmware-avi/.env meets the threshold for suspicious classification under the provided criteria. No evidence of intentional malice or data exfiltration was found in SKILL.md or the reference files.
能力标签
能力评估
Purpose & Capability
Name/description (AVI, virtual services, AKO, ingress) match the declared requirements: the skill expects the vmware-avi CLI, a config file (~/.vmware-avi/config.yaml) and controller passwords (.env or <CONTROLLER>_PASSWORD). Optional dependencies (kubectl, helm, kubeconfig) are explained and required only for AKO/Kubernetes operations.
Instruction Scope
SKILL.md instructs reading ~/.vmware-avi/config.yaml, ~/.vmware-avi/.env and (for AKO) the kubeconfig. Those are legitimate for controller and cluster operations but grant access to sensitive secrets (controller passwords and K8s credentials). The doc references troubleshooting env variables (UV_NATIVE_TLS, SSL_CERT_FILE) and tells you how to integrate the tool with MCP servers (which will load the config on startup). The instructions do not appear to ask for unrelated files or remote exfiltration, but they do permit the agent to read local secret files required for function.
Install Mechanism
The skill is instruction-only (no code files), and the SKILL.md shows an installer command using the 'uv' tool (uv tool install vmware-avi). This is a package-manager install (no direct arbitrary URL downloads). There is a minor metadata inconsistency: top-level registry notes said 'No install spec' while SKILL.md includes an 'installer: uv' entry — worth confirming but not a strong red flag. No suspicious direct-download URLs or extract steps are present.
Credentials
Requested environment/config values are proportional to the stated purpose: VMWARE_AVI_CONFIG (primary), per-controller password variables (e.g., PROD_AVI_PASSWORD) and KUBECONFIG for AKO mode. These grant highly sensitive access (controller admin passwords and kubeconfig credentials) but are expected for a tool that modifies load balancer state and AKO. Users should be aware that ~/.vmware-avi/.env will contain controller passwords and that kubeconfig gives cluster access.
Persistence & Privilege
always:false (not force-included). The skill integrates with vmware-policy which writes audit entries to ~/.vmware/audit.db — this is self-contained and expected. The skill suggests MCP integration (so an agent can start a local mcp server that reads the config), which is normal for MCP-capable tools; it does not request to modify other skills or global agent configs beyond instructing users how to add the MCP server.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install vmware-avi - 安装完成后,直接呼叫该 Skill 的名称或使用
/vmware-avi触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.5.15
v1.5.15: single-command MCP entry point (vmware-avi mcp), verify_ssl default true. Legacy entry point kept for backward compat.
v1.5.14
v1.5.14: code review fixes by @yjs-2026 + Snyk E005 disclaimer
v1.5.12
Security & bug fixes from @yjs-2026 code review
v1.5.11
4 AVI 22.x fixes from @timwangbc: analytics POST, error_logs UUID, pool_list inventory, se_health VS count
v1.5.10
Security: python-multipart 0.0.22→0.0.26 (DoS fix)
v1.5.7
Align with VMware skill family v1.5.7
v1.5.6
Critical fixes: mcp_server packaging, FQDN support, analytics empty, duration format. Enhancements: vs_status full details, se_health VS count, pool_list tool.
v1.5.5
Align with VMware skill family v1.5.5
v1.5.4
Security: pytest 9.0.2→9.0.3 (CVE-2025-71176); Align family v1.5.4
v1.5.3
No user-facing changes; internal or metadata-only release.
- No file changes detected between previous and current versions.
v1.5.2
No user-visible changes in this release.
- Version update only; no file or documentation changes detected.
v1.5.1
vmware-avi 1.5.1
- Added a disclaimer: clearly states this is a community project with no VMware/Broadcom affiliation.
- Updated compatibility section to clarify authentication requirements:
- AVI Controller requires avisdk and controller-specific password env vars (e.g., PROD_AVI_PASSWORD in ~/.vmware-avi/.env).
- AKO tools require kubectl and a valid kubeconfig (read-only access; will not modify kubeconfig files).
- Expanded metadata to include KUBECONFIG, kubectl, and per-controller password variables as optional/required.
- No user-facing tool changes; documentation and requirements improved for clarity and transparency.
v1.5.0
v1.5.0: Anthropic best practices, [READ]/[WRITE] prefixes, Broadcom attestation
v1.4.10
full tool description rewrite with [READ]/[WRITE], R/W table, Broadcom author attestation
v1.4.9
Security routing fixes and vmware-policy clarity; NSX auth fix for special char passwords
v1.4.8
Security patch: bump cryptography 46.0.6→46.0.7 (CVE-2026-39892), urllib3→2.6.3, requests→2.33.0
v1.4.7
Fix: add vmware-policy optional dep to openclaw metadata
v1.4.6
fix: remove suspicious content for clean scan
v1.4.5
Security: pygments ReDoS CVE fix; Infrastructure: uv.lock for all repos
v1.4.4
v1.4.4: vmware-avi family integration, cross-skill routing, sanitize coverage, safety tests
元数据
常见问题
Vmware Avi 是什么?
Use this skill whenever the user mentions load balancing, ingress, virtual services, pool members, AVI, NSX ALB, AKO, or application delivery. Also trigger w... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 399 次。
如何安装 Vmware Avi?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install vmware-avi」即可一键安装,无需额外配置。
Vmware Avi 是免费的吗?
是的,Vmware Avi 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Vmware Avi 支持哪些平台?
Vmware Avi 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(macos, linux)。
谁开发了 Vmware Avi?
由 zw008(@zw008)开发并维护,当前版本 v1.5.15。
推荐 Skills