← Back to Skills Marketplace
eddygk

iDRAC

by Eddy · GitHub ↗ · v1.1.0
darwinlinux ⚠ suspicious
747
Downloads
0
Stars
1
Active Installs
2
Versions
Install in OpenClaw
/install idrac
Description
Monitor and manage Dell PowerEdge servers via iDRAC Redfish API (iDRAC 8/9). Use when asked to: - Check server hardware status, health, or temperatures - Que...
README (SKILL.md)

iDRAC Skill

Monitor and manage Dell PowerEdge servers via iDRAC Redfish API.

First-Time Setup

Create a config file at ~/.config/idrac-skill/config:

mkdir -p ~/.config/idrac-skill
cat > ~/.config/idrac-skill/config \x3C\x3C'EOF'
# iDRAC connection settings
IDRAC_IP="\x3Cyour-idrac-ip>"

# Credential source: "1password" | "file" | "env"
CREDS_SOURCE="file"

# For CREDS_SOURCE="1password":
#   OP_ITEM="\x3C1password-item-name>"
#
# For CREDS_SOURCE="file":
#   Create ~/.idrac-credentials with contents: username:password
#   chmod 600 ~/.idrac-credentials
#
# For CREDS_SOURCE="env":
#   Export IDRAC_USER and IDRAC_PASS
EOF

Authentication

The helper script supports three credential sources:

Source Config How It Works
1password OP_ITEM="item-name" Pulls username:password via op CLI, caches to ~/.idrac-credentials
file (default) Reads ~/.idrac-credentials (format: user:pass, mode 600)
env Uses $IDRAC_USER and $IDRAC_PASS environment variables

Helper Script

Location: scripts/idrac.sh (relative to this skill directory)

idrac.sh test            # Test connectivity and authentication
idrac.sh status          # System summary (model, power, CPU, memory)
idrac.sh health          # Health checks (temps, fans, power)
idrac.sh power           # Current power state
idrac.sh inventory       # Full hardware inventory
idrac.sh logs            # Recent system event log entries (last 10)
idrac.sh thermal         # Detailed temperature and fan status
idrac.sh storage         # RAID/disk status
idrac.sh reset-types     # Available power reset types

Workflow

  1. Load config from ~/.config/idrac-skill/config
  2. Hydrate credentials (JIT pattern) if needed
  3. Determine operation type:
    • Read-only (status, health, logs, inventory) → Execute directly
    • Destructive (power off, restart, BIOS changes) → Confirm with user first
  4. Query Redfish API via curl + Basic Auth (or session token for batch ops)
  5. Parse JSON with jq
  6. Surface findings to user in natural language
  7. Never expose credentials in responses

Endpoint Reference

For raw Redfish API endpoints (system info, thermal, storage, network, logs, power ops, BIOS, firmware, session auth, Dell OEM attributes):

→ See references/endpoints.md

Security Notes

  • Never log or display credentials — use --silent and pipe to jq
  • Credential file must be mode 600 (chmod 600 ~/.idrac-credentials)
  • TLS verification disabled (-k) — iDRAC uses self-signed certs (acceptable for private networks)
  • Power operations are destructive — confirm with user before executing shutdown/restart

Compatibility

Works with Dell iDRAC 8 (Redfish 1.0–1.4) and iDRAC 9 (Redfish 1.6+). Covers PowerEdge 13th gen (R630/R730) through current gen. See endpoints reference for version-specific notes.

Note: iDRAC 8 API responses can take 5–10s per call. The test command makes 4 sequential calls (~30–40s total). Set exec timeouts accordingly. iDRAC 9 is significantly faster.

Usage Guidance
This skill appears to be what it claims, but consider these practical cautions before installing/using it: - Ensure IDRAC_IP in ~/.config/idrac-skill/config is the intended internal iDRAC host(s); the script will send your credentials to whatever host is configured. Do not point it at unknown or internet-facing hosts. - The helper caches credentials to ~/.idrac-credentials (mode 600). That mitigates but does not eliminate risk — avoid including that file in backups or shared repos. If you prefer no file cache, use CREDS_SOURCE=env and set IDRAC_USER/IDRAC_PASS in a controlled session. - TLS verification is disabled (curl -k) because many iDRACs use self-signed certs. If you can supply valid certs or enable verification for your environment, that is more secure. - Optional 1Password integration requires the op CLI; when used, the script extracts and writes creds to the same local cache file. Review that behavior if you rely on JIT secrets management. - Verify curl and jq are from trusted system packages and inspect scripts locally before running. The skill is script-based and will only act on the configured host, but a misconfiguration can lead to credential exposure. Overall, the skill is coherent with its stated purpose; follow the above operational precautions for secure use.
Capability Analysis
Type: OpenClaw Skill Name: idrac Version: 1.1.0 The skill is designed to manage iDRAC, but it exhibits significant vulnerabilities. The `scripts/idrac.sh` file sources a user-created configuration file (`~/.config/idrac-skill/config`), which introduces a Remote Code Execution (RCE) vulnerability if an attacker can modify this file. Additionally, the script uses `curl -k` to disable TLS verification for iDRAC connections, making them susceptible to Man-in-the-Middle attacks, although this is explicitly documented in `SKILL.md` as a trade-off for self-signed certificates. While these are critical security flaws, there is no evidence of intentional malicious behavior such as data exfiltration to unauthorized endpoints or installation of backdoors.
Capability Assessment
Purpose & Capability
Name/description, required binaries (curl, jq), the helper script, and the endpoints reference all align with a Redfish/iDRAC management skill. No unrelated credentials, binaries, or install steps are requested.
Instruction Scope
Runtime instructions are narrowly scoped to reading ~/.config/idrac-skill/config, hydrating credentials (file/env/1Password), and calling the configured IDRAC_IP over HTTPS. Caveats: the skill will connect to whatever IDRAC_IP the user places in config (so a misconfigured value could send credentials off-network), and the script deliberately disables TLS verification (-k) to accommodate self-signed iDRAC certs — this is noted in SKILL.md but is a security trade-off.
Install Mechanism
No install spec; the skill is instruction/script-only and won't download or install third-party packages. This is the lowest-risk model for install behavior.
Credentials
The skill does not require global secrets. It reads/writes a local credential cache (~/.idrac-credentials) and may read IDRAC_USER/IDRAC_PASS when configured for env mode. Optional 1Password integration uses the op CLI. Writing credentials to a local file is needed for curl -u usage but should be considered when sharing/backing up the home directory.
Persistence & Privilege
always is false and the skill is user-invocable. It writes only its own config and credential cache in the user's home (~/.config/idrac-skill/config and ~/.idrac-credentials) and does not modify other skills or system-wide settings.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install idrac
  3. After installation, invoke the skill by name or use /idrac
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Add metadata.openclaw (requires curl/jq, os filter). Declare credential file writes and network behavior in description. Improve dependency transparency for security scanners.
v1.0.0
Initial release
Metadata
Slug idrac
Version 1.1.0
License
All-time Installs 1
Active Installs 1
Total Versions 2
Frequently Asked Questions

What is iDRAC?

Monitor and manage Dell PowerEdge servers via iDRAC Redfish API (iDRAC 8/9). Use when asked to: - Check server hardware status, health, or temperatures - Que... It is an AI Agent Skill for Claude Code / OpenClaw, with 747 downloads so far.

How do I install iDRAC?

Run "/install idrac" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is iDRAC free?

Yes, iDRAC is completely free (open-source). You can download, install and use it at no cost.

Which platforms does iDRAC support?

iDRAC is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux).

Who created iDRAC?

It is built and maintained by Eddy (@eddygk); the current version is v1.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments