vmware-aiops Security Report — Trusted | ClawSafe

5 /100

vmware-aiops

AI-powered VMware/vSphere/ESXi VM lifecycle management skill — power, clone, deploy, migrate, guest exec, cluster management, and alarm acknowledgment

Documentation-only skill that wraps the legitimate vmware-aiops CLI/PyPI package for VMware VM lifecycle management. No malicious behavior, hidden scripts, or credential exfiltration detected.

Skill Namevmware-aiops

Duration36.3s

Enginepi

✓

Safe to install

This skill is safe to use. Install from PyPI (`uv tool install vmware-aiops`), review source at github.com/zw008/VMware-AIops, and ensure `.env` credentials are properly protected with `chmod 600`.

Findings 2 items

Severity	Finding	Location
Info	Documentation-only repository This repository contains only markdown documentation and references. The actual vmware-aiops Python package is distributed via PyPI. Users should verify the package integrity and review source at github.com/zw008/VMware-AIOps before installation. `installer: kind: uv, package: vmware-aiops` → Consider publishing source in the repository alongside documentation for full transparency.	`SKILL.md:1`
Info	Audit log path discrepancy SKILL.md and capabilities.md reference audit logs at `~/.vmware/audit.db` while setup-guide.md references `~/.vmware-aiops/audit.log`. This appears to be a documentation inconsistency rather than a security issue. `All operations logged to ~/.vmware-aiops/audit.log (JSONL)` → Standardize audit log path across all documentation.	`references/setup-guide.md:1`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`NONE`	`NONE`	—	No file operations in SKILL.md; actual filesystem access depends on installed vm…
Network	`NONE`	`READ`	✓ Aligned	Webhooks for notifications only to user-configured endpoints (Slack/Discord); di…
Shell	`WRITE`	`WRITE`	✓ Aligned	Bash tool declared in allowed-tools; used for CLI commands (uv install, vmware-a…
Environment	`READ`	`READ`	✓ Aligned	Reads VMWARE_AIOPS_CONFIG, VSPHERE_USER, VSPHERE_PASSWORD from environment
Skill Invoke	`NONE`	`READ`	✓ Aligned	Skill routing to companion skills declared in SKILL.md (vmware-monitor, vmware-s…

File Tree

5 files · 27.3 KB · 569 lines

Markdown 4f · 520L JSON 1f · 49L

├─ ▾ 📁 evals

│ └─ 📋 evals.json JSON 49L · 2.0 KB

├─ ▾ 📁 references

│ ├─ 📝 capabilities.md Markdown 116L · 6.6 KB

│ ├─ 📝 cli-reference.md Markdown 67L · 2.8 KB

│ └─ 📝 setup-guide.md Markdown 120L · 5.3 KB

└─ 📝 SKILL.md Markdown 217L · 10.6 KB

Dependencies 2 items

Package	Version	Source	Known Vulns	Notes
`vmware-aiops`	`unpinned`	PyPI	No	Recommend pinning version: uv tool install vmware-aiops==X.Y.Z
`pyVmomi`	`implicit`	vmware-aiops dep	No	Official VMware Python SDK

Security Positives

✓ Open source (MIT license) with publicly reviewable source at github.com/zw008/VMware-AIops

✓ Security best practices documented: chmod 600 for .env files, least-privilege service account recommendation

✓ Prompt injection protection: vSphere content wrapped in boundary markers before LLM output

✓ Double confirmation required for all destructive operations (delete, power-off, etc.)

✓ TTL auto-cleanup prevents orphaned VMs

✓ Webhook notifications disabled by default, only send to user-controlled endpoints

✓ SSL/TLS verification enabled by default with clear warning against disabling in production

✓ Comprehensive audit trail with before/after state logging

✓ Input validation for VM names, CPU, memory, and disk parameters

✓ Builds on established libraries (pyVmomi, Click, APScheduler)

✓ No base64 encoding, no direct IP connections, no eval() usage detected

✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env outside the designated ~/.vmware-aiops/

Scan Report

Findings 2 items

File Tree

Dependencies 2 items

Security Positives