Ollama proxy — one endpoint that routes to multiple Ollama instances. Drop-in Ollama proxy replacement for localhost:11434. Same Ollama API, same model names...
Security Analysis
medium confidenceThe skill's purpose (an Ollama proxy) is plausible and the runtime instructions mostly match, but there are inconsistencies in declared requirements/metadata (local config paths and install/runtime binaries) that warrant caution before use.
The name/description (a proxy that routes to multiple Ollama instances) aligns with the instructions: pip installing ollama-herd, running 'herd' (proxy) and 'herd-node' (agents). This is a reasonable set of capabilities for the stated purpose.
SKILL.md tells users to install the Python package from PyPI and run herd/herd-node which perform network discovery, scoring, logging, and local tracing. That behavior fits the proxy's purpose. However, the SKILL.md's embedded metadata lists config paths (~/.fleet-manager/latency.db, ~/.fleet-manager/logs/herd.jsonl) that imply the skill will read/write local files, but the registry metadata above the skill claims 'Required config paths: none' — an inconsistency to verify.
This is an instruction-only skill that tells the user to 'pip install ollama-herd' from PyPI (a standard, public registry). There is no automatic installer declared by the skill itself. Using PyPI is expected for a Python-based tool; risk is moderate but typical for such packages.
No environment variables or credentials are requested in the registry metadata and the examples show 'api_key="not-needed"'. That is proportional. Minor mismatch: the SKILL.md metadata marks python3/pip as optionalBins while the runtime instructs 'pip install' and running 'herd' which do require Python/pip on hosts — the required binaries list in the registry only lists curl/wget (for examples) which should be clarified.
The skill is not marked always:true and does not request system-wide privileges in the registry. The proxy runs as a separate process (herd) and stores logs/traces locally per the SKILL.md — this is expected behavior for a fleet manager and not an overreach by itself.
Guidance
What to check before installing/run: 1) Confirm the PyPI package and upstream source (https://github.com/geeks-accelerator/ollama-herd) — inspect the package code or repository history for anything unexpected before pip installing. 2) Note the inconsistency: the SKILL.md metadata references local config/log paths (~/.fleet-manager/...), but the registry shows no required config paths — expect the tool to create/read those files. 3) Ensure python3/pip are available on machines where you run the proxy/node; the registry's required-binaries list only mentions curl/wget, so verify the environment. 4) The proxy does local network discovery and will route traffic between machines — only run on trusted networks and consider running first in an isolated environment. 5) If you need stronger assurance, ask the publisher for a reproducible install method or a signed release; reviewing the PyPI package contents or building from source will reduce risk. Additional information that would change this assessment to 'benign': registry metadata updated to declare the config paths and python/pip requirements, and a link to a reviewed repository/release that you (or your security team) have inspected.
Latest Release
v1.0.3
Added /api/pull to drop-in compatibility examples
More by @twinsgeeks
Social Analytics. 社交分析。Análisis social.
3 stars
Dating - First Date. 约会。Citas.
3 stars
Love - Find Love. 爱情。Amor.
3 stars
Latin — Experience Latin Music: 29 Layers of Audio, Lyrics & Equations
3 stars
DeepSeek — DeepSeek-V3, DeepSeek-R1, DeepSeek-Coder on Your Local Devices
3 stars
First Date - Dating. 初次约会。Primera cita.
3 stars
Published by @twinsgeeks on ClawHub
