Ansible playbooks and templates for deploying and managing Solana gRPC Geyser streaming nodes with Yellowstone or Richat plugins.
Security Analysis
high confidenceThe skill's requests and instructions are coherent with its stated purpose (deploying Solana gRPC Geyser nodes); it asks for SSH access and optional RPC keys which are proportionate to the task and includes only local helper scripts and Ansible playbooks.
Name/description (Ansible playbooks/templates to deploy/manage Geyser gRPC nodes) match the files and runtime instructions. Required inputs (SSH user/key, server IP, plugin version, Solana version, optional ERPC API key) are expected for remote deployment and monitoring. No unrelated cloud credentials, package managers, or services are requested.
SKILL.md instructs the agent to collect SSH connection info (ssh_user, ssh_key_path) and node-specific variables and to run ansible-playbook against the target server. Access to a local SSH private key path is necessary to perform the deployment, but this is sensitive — the skill does advise not to store private keys. The agent also suggests optionally using an ERPC API key (for network slot checks), which is reasonable but optional. Overall the runbook stays within deployment/monitoring scope; users should still confirm actions before execution (playbooks can be destructive if misused).
This is instruction-only (no install spec). The only executable provided is scripts/setup.sh which checks/installs ansible-core via pip/apt/brew and performs harmless local checks. Playbooks clone plugin source from GitHub (rpcpool and lamports-dev) and build with cargo — expected for building from source. One minor note: setup.sh prints a solana-cli install command that points to release.anza.xyz (a non-standard installer domain) as a suggestion; it does not auto-execute this curl, but users should prefer official Solana install sources or verify that URL before running it.
The skill declares no required env vars or credentials. Runtime requires are limited to SSH connection details, a node identity pubkey, plugin/version variables, and optionally an ERPC API key for reference RPC — all relevant to deploying/monitoring a Solana node. It does not request unrelated secrets or broad environment access.
The skill is not force-included (always: false). It does not request to modify other skills or system-wide agent settings. The provided setup script may install ansible locally (standard bootstrap behavior) but the skill does not assert persistent privileges or background persistence by itself.
Guidance
This skill appears to do what it says: run Ansible to deploy and manage Solana gRPC Geyser nodes and build plugins from GitHub source. Before installing or running it, consider the following: - Review the included Ansible playbooks and Jinja templates locally so you understand what will be changed on target servers. Pay special attention to tasks that modify systemd services, firewall rules, or restart validators. - The skill will ask for SSH connection details and an SSH key path (~/.ssh/id_rsa by default). Providing access to an SSH key is necessary to deploy but is sensitive — do not hand over private key material to third parties or paste it into public chats. Prefer using SSH agent forwarding or temporary deployment keys where feasible. - The setup script suggests an alternate solana-cli installer URL (release.anza.xyz). That link is printed as guidance and is not executed automatically; still, prefer official Solana installers or verify the URL before running any curl | sh commands. - Building plugins requires the Rust toolchain (cargo) and may take significant time on target hardware; ensure you trust the upstream GitHub repos (rpcpool/yellowstone-grpc and lamports-dev/richat) since the build runs their source code. - Use ansible-playbook --check (dry-run) first, review the generated inventory, and confirm any destructive actions (stop/restart/rebuild) before proceeding. If you want additional assurance, share the playbooks (mainnet-rpc/*.yml) and templates you plan to run and I can highlight any risky tasks or commands inside them.
Latest Release
v0.10.2
- Removed the skill.json file from the repository. - No changes were made to documentation or functionality. - Skill structure and usage remain unchanged.
Popular Skills
Published by @POPPIN-FUMI on ClawHub
