← Back to Skills Marketplace
tunneling
by
Simantak Dabhade
· GitHub ↗
· v1.0.0
2092
Downloads
7
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install tunneling
Description
Create free SSH tunnels to expose local ports to the internet using tinyfi.sh. Use when you need to share a locally running app, test webhooks, demo a prototype, or get a public HTTPS URL for any local service — no signup or authentication required.
Usage Guidance
Before installing or letting an agent run this skill, consider: (1) The metadata fails to list 'ssh' as a required binary even though the instructions rely on it — ask the publisher to correct that. (2) tinyfi.sh has no listed homepage or source in the skill; verify who operates tinyfi.sh and whether you trust that operator, because all tunneled traffic (and URLs) will pass through their servers. (3) The recommended ssh option StrictHostKeyChecking=accept-new auto-accepts host keys — this can allow man-in-the-middle connections; prefer verifying the server fingerprint manually. (4) Never expose services that handle secrets, authentication tokens, private keys, or production databases via an untrusted tunnel. If you must test webhooks/demos, run on ephemeral test data behind authentication. (5) If you don't fully trust tinyfi.sh or autonomous agent execution, run the ssh command yourself manually and inspect the connection, or use a well-known tunneling provider (or your own SSH server) with documented security practices. (6) Consider limiting the agent's ability to execute background network processes unless you explicitly trust the skill and its operator.
Capability Analysis
Type: OpenClaw Skill
Name: tunneling
Version: 1.0.0
The skill is designed to create SSH tunnels to expose local ports using the tinyfi.sh service. It instructs the agent via SKILL.md to execute an `ssh` command in the background to `tinyfi.sh`, which is directly aligned with its stated purpose. While `ssh` is a powerful tool, its use here is for its intended tunneling functionality, and there is no evidence of data exfiltration, malicious execution beyond the stated purpose, or prompt injection with harmful objectives. The `StrictHostKeyChecking=accept-new` flag is a minor security convenience but does not indicate malicious intent.
Capability Assessment
Purpose & Capability
The SKILL.md explicitly requires SSH to create remote port forwards (ssh -R ... tinyfi.sh), but the skill metadata declares no required binaries. That mismatch is incoherent: the skill needs ssh to work but doesn't declare it. Additionally the skill points traffic to tinyfi.sh (no homepage or source listed), so the external dependency is not documented or vetted in the metadata.
Instruction Scope
Runtime instructions tell the agent to run ssh -R and to use -o StrictHostKeyChecking=accept-new (auto-accept new host keys) and to run the SSH command in the background. Auto-accepting host keys increases risk of connecting to an impostor server; running the tunnel exposes arbitrary local services to the remote operator, including any sensitive endpoints or credentials sent over those connections. The instructions do not require verifying server fingerprints or limiting what is exposed.
Install Mechanism
This is an instruction-only skill with no install steps or code to write to disk, which is lower risk. There is no download or install mechanism to review.
Credentials
The skill declares no environment variables or credentials and the instructions do not request any secrets. That is proportionate. However, creating a tunnel inherently exposes local network services and any data those services accept to the remote server (tinyfi.sh), which is a privacy/security consideration not reflected in metadata.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does instruct the agent to run background SSH processes (which is normal for a tunneling tool), but autonomous execution would let the agent open network tunnels — a capability worth restricting to trusted skills or explicit user approval.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install tunneling - After installation, invoke the skill by name or use
/tunneling - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of the tunneling skill.
- Easily expose any local port to the public internet via the TinyFish (tinyfi.sh) SSH tunnel service.
- No signup or authentication required; just use SSH.
- Supports choosing random or custom subdomains for your public URL.
- Includes keep-alive instructions for stable long-running tunnels.
- Documents usage guidelines, common ports, and service rate limits.
Metadata
Frequently Asked Questions
What is tunneling?
Create free SSH tunnels to expose local ports to the internet using tinyfi.sh. Use when you need to share a locally running app, test webhooks, demo a prototype, or get a public HTTPS URL for any local service — no signup or authentication required. It is an AI Agent Skill for Claude Code / OpenClaw, with 2092 downloads so far.
How do I install tunneling?
Run "/install tunneling" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is tunneling free?
Yes, tunneling is completely free (open-source). You can download, install and use it at no cost.
Which platforms does tunneling support?
tunneling is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created tunneling?
It is built and maintained by Simantak Dabhade (@simantak-dabhade); the current version is v1.0.0.
More Skills