← Back to Skills Marketplace
lixiang92229

Ssh Remote Control

by lixiang92229 · GitHub ↗ · v1.0.10 · MIT-0
cross-platform ⚠ suspicious
229
Downloads
2
Stars
1
Active Installs
11
Versions
Install in OpenClaw
/install ssh-remote-control
Description
SSH远程控制电脑 - 让AI Agent通过SSH连接和操作远程Mac/Linux电脑,无需在被控电脑上安装任何agent工具。一个服务器上的AI,触手伸向多台远程设备。
Usage Guidance
This skill does what it says — it teaches the agent to SSH into remote machines and run commands — but that requires giving the agent access to a private SSH key (SSH_KEY_PATH). Before installing or enabling: 1) Verify the skill source/repository and maintainers (the registry lists an unknown source). 2) Do NOT reuse an existing key: create a dedicated SSH key pair for this skill and grant the remote account minimal permissions (non-admin user, limited sudo if any). 3) Restrict the key in authorized_keys (command=, no-pty, from=) and consider a passphrase + ssh-agent or an SSH certificate with short lifetime. 4) Keep the private key file permission-restricted (600) and ensure the platform will not leak it in logs or to other skills. 5) Resolve the metadata mismatch (the registry claims no required env vars but the skill expects several) — ask the publisher to correct packaging. 6) If you plan to allow autonomous agent actions, limit scope (dedicated account, strict remote-side command restrictions) because the agent can execute arbitrary commands once it has key access. If you cannot enforce these mitigations or verify the publisher, treat the skill as high-risk and do not provide access to sensitive keys or privileged accounts.
Capability Analysis
Type: OpenClaw Skill Name: ssh-remote-control Version: 1.0.10 The skill provides instructions for an AI agent to perform remote system administration via SSH, which involves high-risk capabilities such as arbitrary command execution, file system access, and macOS system control (via osascript). While the documentation in SKILL.md and README.md is transparent and includes extensive security recommendations—such as using dedicated SSH keys and restricted accounts—the inherent risk of granting an agent access to a private SSH key and remote shell access is significant. No evidence of intentional malice, hidden exfiltration logic, or prompt injection was found in the provided files.
Capability Assessment
Purpose & Capability
Name and description claim SSH-based remote control and the SKILL.md describes exactly that (ssh/scp examples, macOS/Linux commands, tunnel guidance). That capability legitimately requires host/port/user/key. However, registry metadata presented earlier lists 'Required env vars: none' while the SKILL.md and _meta.json declare required env vars (SSH_TARGET_HOST, SSH_TARGET_PORT, SSH_TARGET_USER, SSH_KEY_PATH). This metadata mismatch is an incoherence (likely a packaging/metadata error) and should be resolved before trusting the skill.
Instruction Scope
The runtime instructions explicitly require the agent to run SSH and SCP commands and access a local private key path (SSH_KEY_PATH). That is consistent with the stated purpose but is high-impact: any agent with access to the private key can log into all systems that accept it. The SKILL.md also instructs the user to set up tunnel tools (ngrok/frp) which is expected but increases exposure surface. The instructions do not include enforcement mechanisms (no code that would limit or sandbox commands) — they rely on the operator to restrict keys/accounts on the remote hosts.
Install Mechanism
This is an instruction-only skill (no install spec, no code files to run). That minimizes install-time risk because nothing is downloaded or executed automatically by installation. Risk shifts to runtime: the agent executing SSH commands on behalf of the user.
Credentials
Requested environment variables (host, port, user, path to private key) are appropriate and proportionate for an SSH remote-control skill. However, the skill requires access to a sensitive secret (the SSH private key file). The metadata inconsistency (registry listing none vs _meta.json/README declaring requiredEnvVars) is concerning — it may lead to unexpected exposure if platform-level protections assume none are required. The SKILL.md recommends using a dedicated, limited-permission key which is the correct mitigation.
Persistence & Privilege
The skill does not request persistent/always-on inclusion (always:false) and does not declare actions that modify other skills or system-wide agent settings. Autonomous invocation is allowed by default but not itself a flag here; combine that with the sensitive key-access requirement when deciding whether to allow autonomous execution.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install ssh-remote-control
  3. After installation, invoke the skill by name or use /ssh-remote-control
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.10
- 更新 metadata 中的 homepage 链接为新的 GitHub 地址 - 强化了私钥安全警告,提醒务必使用专用密钥对,避免使用日常登录密钥
v1.0.9
ssh-remote-control 1.0.9 - No functional or documentation changes in this release. - Version increment only; content remains identical to previous release.
v1.0.8
ssh-remote-control 1.0.8 - Updated and refined README.md content. - Minor edits and clarifications to improve documentation accuracy and clarity. - No code or logic changes—documentation update only.
v1.0.7
Explain why closing tunnel = physical isolation, personal computers are more secure than servers
v1.0.6
Fix metadata mismatch, PasswordAuthentication yes, strengthen security best practices
v1.0.5
Rewrite README in full-section bilingual format
v1.0.4
Rewrite README in bilingual format
v1.0.3
Fix GitHub URL to correct repo
v1.0.2
Add project links
v1.0.1
Update: emphasize security, generic tunneling tools, local control
v1.0.0
Initial release
Metadata
Slug ssh-remote-control
Version 1.0.10
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 11
Frequently Asked Questions

What is Ssh Remote Control?

SSH远程控制电脑 - 让AI Agent通过SSH连接和操作远程Mac/Linux电脑,无需在被控电脑上安装任何agent工具。一个服务器上的AI,触手伸向多台远程设备。 It is an AI Agent Skill for Claude Code / OpenClaw, with 229 downloads so far.

How do I install Ssh Remote Control?

Run "/install ssh-remote-control" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Ssh Remote Control free?

Yes, Ssh Remote Control is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Ssh Remote Control support?

Ssh Remote Control is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Ssh Remote Control?

It is built and maintained by lixiang92229 (@lixiang92229); the current version is v1.0.10.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments