Your AI-agent can now manage your hosting at is*hosting. We released ishosting-manager -- a bridge between natural language and infrastructure management.
It gives AI agents control over your infrastructure on is*hosting: ordering servers, managing billing, configuring services, and automating cloud operations through natural language.
What it is
Under the hood, the project wraps the is*hosting REST API into a Python CLI, so AI tools like Claude Code, Cursor, and OpenAI Codex can call it and manage your infra end-to-end.
That “end-to-end” includes:
- Provisioning: order & provision VPS, Dedicated, Storage, VPN services
- Hardware customization: CPU, RAM, disk, GPU, DDoS protection, RAID, extra IPs
- Software installation: OS images, control panels, your own apps
- Lifecycle ops: start/stop/reboot/force-reboot, cancel services
- Billing automation: create orders, pay invoices (balance/crypto/card), top up, apply promo codes
- SSH key management: add/delete/attach keys to services
- Profile & settings: view balance, edit personal info, check active services
How to use
You need Python 3.12+, uv package runner, and an is*hosting account with an API token.
You can already use it. For setup guides, check the README section: https://github.com/ishosting/ishosting-manager
We also plan to add metrics and statistics for servers (dedicated and virtual), which will first appear in the client area and then in the skills. We are currently working hard on this.
FAQ
Can I configure restrictions or guardrails (limits, allowlists, etc.)?
Not in a way that can be guaranteed. Since the skill is just a wrapper around the public API, any “restrictions” implemented at the skill layer can be bypassed by calling the API directly (or by modifying the wrapper). In other words, you can’t reliably enforce “can do X but never do Y” if the API itself allows Y.
What are the limits for tokens and requests?
There are no extra limits added by the skill itself, only the limits defined by the public is*hosting API (rate limits, requests per minute).
Agent token limits depend on the AI client you use (Claude, Cursor, Gemini, etc.).
Do critical operations require confirmation, or can an agent do everything in a single prompt?
The ordering flow is intentionally split into multiple steps with clarifying questions, and critical operations are designed to go through confirmations.
However, there’s an important caveat: if a user explicitly instructs the agent to “buy a random VPS as fast as possible, don’t ask questions,” and the account has sufficient balance, the agent may still be able to execute that. The platform can’t fully prevent it from the skill side.
If an agent retries after a timeout, how do you prevent double orders or double payments?
Payments outside balance payments are done manually via a generated payment link, so accidental automated double-payments are effectively avoided.
For balance payments, the agent follows the tool’s instructions. If a user intentionally asks the agent to buy many instances using balance and to skip confirmations, it may be able to do so, there’s no absolute lock preventing that behavior.
How are credentials secured?
- The API key security is the customer’s responsibility, like with any API integration.
- The skill does not use the customer’s is*hosting login/password, only an API key/token.
- The skill itself doesn’t implement the storage of personal data. It’s essentially a convenience wrapper + interaction logic around the public API.
- Privacy/PII leakage risks are aligned with the AI tools you use, not with the skill itself.
Is there a list of actual commands, parameters, and call examples?
There isn’t a fixed natural language command list, because agents are conversational: you can phrase requests freely, and the agent maps them to API capabilities.
For the authoritative set of capabilities, refer to the official is*hosting API documentation.
