← Back to Skills Marketplace
91
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install exec-local
Description
Execute system-level shell commands directly within the thundarr-gpu container for monitoring and remote orchestration tasks.
README (SKILL.md)
Thundarr Execution Bridge (Local)
The exec_local skill provides a direct interface for executing system-level shell commands within the thundarr-gpu container environment on Garuda.
Core Functionality
- Direct Shell Access: Allows for low-latency execution of binary tools and scripts.
- Remote Orchestration: Designed to be used as a jump-point for managing the Fedora UM250 host via the
thundarr-remoteSSH script. - Resource Monitoring: Can be used to check local container health, process tables, and network availability between Docker nodes.
Security Note
This tool executes commands with the permissions of the container user. Ensure all inputs are sanitized when used in automated workflows.
Usage Guidance
This skill gives the agent unrestricted ability to run shell commands inside the container — it can read files, environment variables, network endpoints, and any mounted host artifacts (SSH keys, docker socket, config files). Only install if you fully trust the skill and the agent's autonomy. Consider: 1) Disable autonomous invocation (set disable-model-invocation = true) so the agent cannot run commands without your approval; 2) Remove or isolate sensitive mounts/credentials from the container (SSH keys, /var/run/docker.sock, host config directories); 3) Limit network egress from the container or firewall outbound connections; 4) Prefer manual invocation: require explicit commands from a human rather than letting the model decide; 5) Audit container file system and logs after use; 6) If you need limited monitoring/orchestration, prefer more narrowly scoped tools that expose specific APIs rather than an open shell. If you are unsure, treat this skill as high-risk and avoid installing it.
Capability Analysis
Type: OpenClaw Skill
Name: exec-local
Version: 1.0.0
The skill provides a raw shell execution primitive via the 'exec' tool in skill.json and skill.yaml, allowing for arbitrary command execution within the container environment. While SKILL.md describes its purpose as a bridge for orchestration and monitoring, the lack of any command filtering or input sanitization makes it a high-risk capability that could be leveraged for unauthorized system access or persistence.
Capability Assessment
Purpose & Capability
The name/description match the provided tooling: an 'exec' tool that runs arbitrary shell commands inside the Thundarr container. Mentioning remote orchestration via an SSH script is plausible, but the skill does not declare or request SSH keys/configs even though those would commonly be required for the described remote tasks.
Instruction Scope
SKILL.md explicitly enables arbitrary command execution and gives no runtime restrictions. Although consistent with the stated purpose, this scope permits reading files, environment variables, network access, and other actions not limited by the skill — enabling easy exfiltration or lateral movement if misused.
Install Mechanism
Instruction-only skill with no install spec or downloaded code. This minimizes installation risk (nothing written by the skill itself), but runtime risk remains because commands executed by the agent will run in the container.
Credentials
The skill declares no environment variables or credentials, which is consistent with an in-container exec tool. However, arbitrary shell access effectively gives the agent access to any env vars, config files, mounted secrets, SSH keys, or sockets present in the container — a disproportionate level of access relative to what most users would expect from a small utility.
Persistence & Privilege
The skill is user-invocable and allows autonomous model invocation (disable-model-invocation is false). Autonomous invocation combined with unrestricted shell execution increases the blast radius: the agent could run commands without explicit user approval. 'always' is not set, which limits forced inclusion, but the autonomous capability is still concerning given the privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install exec-local - After installation, invoke the skill by name or use
/exec-local - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of exec-local skill—provides secure shell command execution within the thundarr-gpu container on Garuda.
- Enables direct execution of scripts and binary tools locally in the container.
- Supports remote orchestration of the Fedora UM250 host via SSH.
- Allows monitoring of container health, processes, and Docker node networking.
- Operates with container user permissions; input sanitization recommended for automation.
Metadata
Frequently Asked Questions
What is Exec Local?
Execute system-level shell commands directly within the thundarr-gpu container for monitoring and remote orchestration tasks. It is an AI Agent Skill for Claude Code / OpenClaw, with 91 downloads so far.
How do I install Exec Local?
Run "/install exec-local" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Exec Local free?
Yes, Exec Local is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Exec Local support?
Exec Local is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Exec Local?
It is built and maintained by zrslu01 (@zrslu01); the current version is v1.0.0.
More Skills