by bgdnvk
autonomous systems engineering cli agent for any cloud environment: AWS, GCP, Cloudflare, etc
# Add to your Claude Code skills
git clone https://github.com/bgdnvk/clankerLast scanned: 5/30/2026
{
"issues": [],
"status": "PASSED",
"scannedAt": "2026-05-30T06:47:18.033Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}clanker is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by bgdnvk. autonomous systems engineering cli agent for any cloud environment: AWS, GCP, Cloudflare, etc. It has 371 GitHub stars.
Yes. clanker passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.
Clone the repository with "git clone https://github.com/bgdnvk/clanker" and add it to your Claude Code skills directory (see the Installation section above).
clanker is primarily written in Go. It is open-source under bgdnvk on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh clanker against similar tools.
No comments yet. Be the first to share your thoughts!
Agent swarm powering Clanker Cloud, the first AI DevOps IDE for agents and humans.
Docs available at docs.clankercloud.ai
Language: English | 简体中文
Ask questions about your infra (and optionally GitHub/etc). Clanker can inspect existing environments and also generate or apply infrastructure and deploy plans through its maker and deploy flows.
Repo: bgdnvk/clanker
Homebrew tap: clankercloud/homebrew-tap
brew tap clankercloud/tap
brew install clanker
make install
clanker update
By default, clanker update replaces the current binary with the latest GitHub
release from bgdnvk/clanker. To track the latest commit on the repository's
default branch instead, set the update channel during setup:
clanker config init --update-channel main
or edit ~/.clanker.yaml:
update:
channel: main # release or main
You can also override it for one run:
clanker update --channel release
clanker update --channel main
clanker onboarding scan
clanker onboarding scan --provider aws,gcp,azure,kubernetes,flyio,linear,notion --format json
clanker onboarding install --dry-run --provider aws,gcp,azure,kubernetes,flyio
clanker onboarding install --yes aws gcloud az kubectl flyctl
clanker onboarding scan detects local credentials and missing provider CLIs,
then returns official install docs, auth commands, and token/account URLs for
users and agents. Install only the tools needed for selected or detected
providers. Examples: AWS uses the official AWS CLI installer and local profiles,
GCP uses the official Google Cloud CLI plus Application Default Credentials, and
Azure uses the official Azure CLI sign-in flow. Agents that have been asked to
install or use Clanker Cloud should run the install step, rerun the scan, then
walk any remaining browser login, SSO, sudo, or official API-token step with the
user.
Copy the example config and edit it for your environments/providers:
cp .clanker.example.yaml ~/.clanker.yaml
alternatively you can do
clanker config init
Most providers use env vars for keys (see .clanker.example.yaml), e.g.:
export OPENAI_API_KEY="..."
export GEMINI_API_KEY="..."
export COHERE_API_KEY="..."
If you run without ~/.clanker.yaml:
openai (unless you pass --ai-profile).--openai-key → OPENAI_API_KEY (also supports ai.providers.openai.api_key and ai.providers.openai.api_key_env if config exists).--ai-profile gemini-api): --gemini-key → GEMINI_API_KEY (also supports ai.providers.gemini-api.api_key and ai.providers.gemini-api.api_key_env if config exists).--ai-profile cohere): --cohere-key → COHERE_API_KEY (also supports ai.providers.cohere.api_key and ai.providers.cohere.api_key_env if config exists).openai defaults to gpt-5; gemini/gemini-api defaults to gemini-2.5-flash; cohere defaults to command-a-03-2025.Clanker uses your local AWS CLI profiles (not raw access keys in the clanker config).
Create a profile with the official AWS CLI. Prefer SSO where your AWS account supports it; use access keys only when your account requires them.
aws configure sso
aws sso login --profile clankercloud-tekbog
aws configure --profile clankercloud-tekbog | cat
aws sts get-caller-identity --profile clankercloud-tekbog | cat
Set the default environment + profile in ~/.clanker.yaml:
infra:
default_provider: aws
default_environment: clankercloud
aws:
environments:
clankercloud:
profile: clankercloud-tekbog
region: us-east-1
Override for a single command:
clanker ask --aws --profile clankercloud-tekbog "what lambdas do we have?" | cat
Use static list commands for read-only inventory without AI interpretation:
clanker aws list resources
clanker aws list all-services
clanker aws list bedrock-kb
clanker gcp list services
clanker gcp list resources
clanker gcp list run-worker-pools
clanker azure list resource-graph
clanker azure list private-endpoints
clanker azure list ai-search
clanker cf list ai-search
clanker cf list browser-sessions
clanker cf list secrets-stores
clanker cf list pipelines
Each provider exposes the full supported resource list through its help:
clanker aws list --help
clanker gcp list --help
clanker azure list --help
clanker cf list --help
Clanker also exposes its own MCP surface as a CLI command.
Run it over HTTP:
clanker mcp --transport http --listen 127.0.0.1:39393 | cat
Or over stdio for MCP clients that launch commands directly:
clanker mcp --transport stdio | cat
The CLI MCP currently exposes tools to:
clanker commands through MCP, including ask, openclaw, and other subcommandsclanker_k8s_* MCP tools, including clanker_k8s_ask_clusterClanker chat routing also recognizes Clanker Cloud app questions now. If you use clanker talk and ask about the running desktop app or its saved settings, it will try the local Clanker Cloud backend first and fall back to Hermes if the app is not running.
Examples:
clanker ask --route-only "use clanker cloud mcp to show my saved settings" | cat
clanker ask --route-only "ask clanker cloud about the running app backend" | cat
clanker mcp --transport http --listen 127.0.0.1:39393 | cat
Example MCP calls against the standalone Clanker CLI server:
# Start the HTTP MCP server
clanker mcp --transport http --listen 127.0.0.1:39393 | cat
# Initialize a client session
curl -sS -X POST http://127.0.0.1:39393/mcp \
-H 'Content-Type: application/json' \
-H 'Accept: application/json, text/event-stream' \
--data '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-03-26","capabilities":{},"clientInfo":{"name":"local-cli","version":"1.0"}}}' | jq
# List available CLI MCP tools
curl -sS -X POST http://127.0.0.1:39393/mcp \
-H 'Content-Type: application/json' \
-H 'Accept: application/json, text/event-stream' \
--data '{"jsonrpc":"2.0","id":2,"method":"tools/list","params":{}}' | jq
# Return the installed clanker version
curl -sS -X POST http://127.0.0.1:39393/mcp \
-H 'Content-Type: application/json' \
-H 'Accept: application/json, text/event-stream' \
--data '{"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"clanker_version","arguments":{}}}' | jq
# Return the internal route decision for a prompt
curl -sS -X POST http://127.0.0.1:39393/mcp \
-H 'Content-Type: application/json' \
-H 'Accept: application/json, text/event-stream' \
--data '{"jsonrpc":"2.0","id":4,"method":"tools/call","params":{"name":"clanker_route_question","arguments":{"question":"use clanker cloud mcp to show my saved settings"}}}' | jq
# Run a real clanker command through MCP
curl -sS -X POST http://127.0.0.1:39393/mcp \
-H 'Content-Type: application/json' \
-H 'Accept: application/json, text/event-stream' \
--data '{"jsonrpc":"2.0","id":5,"method":"tools/call","params":{"name":"clanker_run_command","arguments":{"args":["ask","--route-only","use clanker cloud mcp to show my saved settings"]}}}' | jq
The standalone CLI MCP currently exposes these tools:
clanker_versionclanker_route_questionclanker_run_commandclanker_cloud_app_statusclanker_cloud_launch_appclanker_cloud_ask_appclanker_cloud_call_backend_apiclanker_k8s_list_clustersclanker_k8s_get_resourcesclanker_k8s_ask_clusterclanker_k8s_logsclanker_k8s_execclanker_k8s_scaleclanker_k8s_restartclanker_k8s_rolloutclanker_k8s_applyclanker_k8s_delete_resourceclanker_k8s_helm_installclanker_k8s_helm_upgradeclanker_k8s_helm_listclanker_k8s_helm_uninstallclanker_k8s_node_cordonclanker_k8s_node_uncordonclanker_k8s_node_drainFlags:
--aws: force AWS context/tooling for the question (uses the default env/profile from ~/.clanker.yaml unless you pass --profile)--tencent: force Tencent Cloud context/tooling for the question (uses tencent.* config or TENCENTCLOUD_* env vars)--profile <name>: override the AWS CLI profile for this run--ai-profile <name>: select an AI provider profile from ai.providers.<name> (overrides ai.default_provider)--maker: generate a provider execution plan (JSON) for infrastructure changes--destroyer: allow destructive cloud operations when using --maker--apply: apply an approved maker plan (reads from stdin unless --plan-file is provided)--plan-file <path>: optional path to maker plan JSON file for --apply--debug: print diagnostics (selected tools, AWS CLI calls, prompt sizes)--agent-trace: print detailed coordinator/agent lifecycle logs (tool selection + investigation steps)clanker ask "what's the status of my chat service lambda?"
clanker ask --profile dev "what's the last error from my big-api-service lambda?"
clanker ask --ai-profi