Ansible playbooks and templates to deploy, manage, and update Solana RPC nodes on mainnet, testnet, and devnet with support for RPC, indexing, and gRPC.
Security Analysis
medium confidenceThe skill's files, instructions, and requirements are coherent with its stated purpose (Ansible playbooks to deploy/manage Solana RPC nodes), but there are a few minor items you should verify before running anything.
The name/description match the provided SKILL.md, AGENT.md, README, example inventory, and Ansible playbook structure. The skill legitimately needs SSH access and Ansible to deploy nodes; the interactive flow requests SSH user/key, server IP, and node-specific values which are appropriate for the stated purpose.
SKILL.md stays within deployment/monitoring scope: it collects deployment variables, shows explicit ansible-playbook commands, and checks local RPC health. It asks for SSH key paths and snapshot URLs (expected). It does not instruct reading unrelated system secrets or exfiltrating data. The playbooks include tasks like copying node keys to target servers — consistent with node provisioning, but you should confirm what keys are being copied and how.
There is no automated install spec in registry metadata (instruction-only skill). The included scripts/setup.sh auto-installs ansible and otherwise only prints guidance. The script suggests an external solana-cli install command using https://release.anza.xyz/stable/install which is not the well-known official Solana release host — this is an external URL to verify before running. Otherwise installation steps use pip/apt/brew, which are proportionate.
The skill declares no required environment variables or credentials. At runtime it legitimately asks for SSH connection details and may prompt for snapshot URLs, plugin versions, and optional ERPC 'reference_rpc_url' (an external service for slot reference). There are no unrelated credentials requested. Ensure you provide SSH keys and any node private keys securely and avoid uploading private keys to unknown locations.
The skill is not force-included (always:false) and uses normal agent invocation. It does not request or modify other skills or global agent config. Playbooks will make system changes on target servers (systemd services, firewall rules) as expected for node provisioning — confirm you intended those changes on the target host.
Guidance
This package appears to be what it says: Ansible playbooks and helper docs to deploy Solana RPC nodes. Before installing or running anything: 1) Verify the skill source/repository (no homepage provided) and prefer an official upstream repo (ValidatorsDAO/slv is referenced in README) or a checked fork. 2) Inspect playbooks that copy keys (e.g., copy_keys.yml) so you know which files are transferred; never provide private keys unless you trust the target and have reviewed the task. 3) Do NOT run the suggested external installer URL (release.anza.xyz) without verifying its authenticity — prefer official Solana releases. 4) Run scripts/setup.sh and ansible in a controlled environment first (or on a non-production host) and use ansible --check/dry-run to preview changes. 5) If you plan to supply an ERPC reference RPC URL or API key, treat it like any credential: provide it only to trusted services and avoid embedding it in logs or public inventories. If you want higher confidence, request the upstream git repository/commit hashes and a manual review of the Ansible playbooks (particularly tasks that handle private keys, disk formatting/mounting, and external downloads).
Latest Release
v0.10.2
- Removed the skill.json file from the repository. - No other changes to playbooks, documentation, or functionality. - Existing Ansible and Jinja2 structure, as well as documentation, remain unchanged.
Popular Skills
Published by @POPPIN-FUMI on ClawHub
