← Back to Skills Marketplace
GPU CLI: Remote GPU Compute for ML Training and Inference
by
Angus Bezzina
· GitHub ↗
· v1.2.0
· MIT-0
518
Downloads
1
Stars
1
Active Installs
4
Versions
Install in OpenClaw
/install gpu-cli
Description
Safely run local `gpu` commands via a guarded wrapper (`runner.sh`) with preflight checks and budget/time caps.
README (SKILL.md)
GPU CLI Skill (Stable)
Use this skill to run the local gpu binary from your agent. It only allows invoking the bundled runner.sh (which internally calls gpu) and read-only file access.
What it does
- Runs
gpucommands you specify (e.g.,runner.sh gpu status --json,runner.sh gpu run python train.py). - Recommends a preflight:
gpu doctor --jsonthengpu status --json. - Streams results back to chat; use
--jsonfor structured outputs.
Safety & scope
- Allowed tools:
Bash(runner.sh*),Read. No network access requested by the skill;gpuhandles its own networking. - Avoid chaining or redirection; provide a single
runner.sh gpu …command. - You pay your provider directly; this may start paid pods.
Quick prompts
- "Run
runner.sh gpu status --jsonand summarize pod state". - "Run
runner.sh gpu doctor --jsonand summarize failures". - See
templates/prompts.mdfor more examples.
Security
- Input sanitization: character blocklist (
; & | \( ) > \x3C $ { }+ newlines) plus subcommand allowlist. Commands are executed via directgpubinary invocation — no shell re-evaluation (bash -c/eval`). - See
SECURITY.mdfor the full threat model, permission rationale, and version history.
Notes
- For image/video/LLM work, ask the agent to include appropriate flags (e.g.,
--gpu-type "RTX 4090",-p 8000:8000, or--rebuild).
Usage Guidance
This skill appears to do exactly what it says: run the local 'gpu' CLI through a guarded wrapper. Before installing/using it: 1) review and keep dry-run on until you trust it (SKILL_DRY_RUN=true); 2) don't set SKILL_CONFIRM=yes unless you understand the cost implications (it can start paid pods via your provider); 3) verify and install the 'gpu' binary from a trusted source (the runner prints a curl | sh URL—treat that like any remote installer and inspect it first); 4) be aware the wrapper delegates networking and auth to the gpu binary, so you should audit/confirm that binary and its credentials separately; 5) if you rely on complex argument parsing, test edge cases (quoting, unusual gpu-type strings) because the script uses simple text parsing and fallbacks that may be brittle.
Capability Analysis
Type: OpenClaw Skill
Name: gpu-cli
Version: 1.2.0
The gpu-cli skill is a well-engineered wrapper for a local GPU management utility, featuring robust security controls designed to prevent shell injection. The 'runner.sh' script implements a strict character blocklist, a subcommand allowlist, and utilizes direct array-based execution to avoid shell re-evaluation. The bundle includes comprehensive security documentation (SECURITY.md) and a self-test suite (selftest.sh) specifically designed to verify its injection-prevention logic, demonstrating a clear focus on safety and alignment with its stated purpose.
Capability Assessment
Purpose & Capability
The skill claims to run the local 'gpu' binary with guardrails and the bundle contains a wrapper (runner.sh), tests, docs, and a manifest matching that goal. It does not request unrelated credentials, binaries, or network permissions.
Instruction Scope
SKILL.md restricts allowed tools to the bundled runner and read-only access; runner.sh enforces a prefix and subcommand allowlist, a metacharacter blocklist, dry-run/confirmation gates, price/runtime caps, and direct exec of the gpu binary. This stays inside the stated scope. Minor note: some parsing (sed/grep/jq fallbacks and read -ra splitting) is best-effort and brittle in edge cases—this is a robustness concern, not an evidence of malicious behavior.
Install Mechanism
No install spec is provided (instruction-only), so nothing is downloaded or written by the skill itself. The runner.sh prints a suggested install command for the external 'gpu' binary (a curl | sh URL) only in an error message — that is not executed by the skill but is a user-visible suggestion you should verify before running.
Credentials
The skill does not request secrets or external service credentials. It exposes configuration via SKILL_* env vars (dry-run, caps, confirm, etc.) which are reasonable for this wrapper. It delegates networking and auth to the user-installed 'gpu' CLI, which is expected for this purpose.
Persistence & Privilege
The skill is not always-on and does not request elevated privileges or system-wide config changes. It may invoke 'gpu daemon start' via the gpu binary (to remediate transient errors) which can create background processes — this behavior is consistent with managing GPU jobs and is attributable to the gpu CLI rather than the skill itself.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install gpu-cli - After installation, invoke the skill by name or use
/gpu-cli - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.0
- Added SECURITY.md detailing the full threat model, permission rationale, and version history.
- Updated usage documentation to reference templates/prompts.md for more prompt examples.
- Expanded security section: described input sanitization mechanisms and how commands are executed securely.
- Improved transparency by highlighting where to find more safety and scope details.
v1.1.1
**Summary:** Safety-focused update introducing a guarded runner and simplified scope.
- Introduces a `runner.sh` script as the only permitted interface to wrap all `gpu` commands with preflight checks and budget/time caps.
- Restricts allowed operations to specific tools: `Bash(runner.sh*)` and `Read` (removes direct file references and broader shell access).
- Retires detailed internal command documentation and references, favoring concise usage guidance and safety notes.
- Provides new prompt examples and recommends running preflight checks (`gpu doctor`, `gpu status`) before jobs.
- Emphasizes user responsibility for billing, clarifies that network and job lifecycle are managed solely by the `gpu` binary.
v1.1.0
Improved search discoverability with richer description and tags
v1.0.0
Initial release of gpu-cli: run local commands on remote GPUs with secure, zero-trust encryption.
- Provides a `gpu` command to run code remotely as if local, including pod provisioning, code sync, and output streaming.
- Supports NVIDIA GPU inventory, pricing, diagnostics, and job status.
- Includes volume and vault (encrypted storage) management commands.
- Adds features for LLM inference, ComfyUI workflows, serverless endpoints, and interactive notebook execution.
- Offers detailed configuration, organization, authentication, and daemon control commands.
- Most commands support `--json` for structured output; clear documentation for usage and troubleshooting.
Metadata
Frequently Asked Questions
What is GPU CLI: Remote GPU Compute for ML Training and Inference?
Safely run local `gpu` commands via a guarded wrapper (`runner.sh`) with preflight checks and budget/time caps. It is an AI Agent Skill for Claude Code / OpenClaw, with 518 downloads so far.
How do I install GPU CLI: Remote GPU Compute for ML Training and Inference?
Run "/install gpu-cli" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is GPU CLI: Remote GPU Compute for ML Training and Inference free?
Yes, GPU CLI: Remote GPU Compute for ML Training and Inference is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does GPU CLI: Remote GPU Compute for ML Training and Inference support?
GPU CLI: Remote GPU Compute for ML Training and Inference is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created GPU CLI: Remote GPU Compute for ML Training and Inference?
It is built and maintained by Angus Bezzina (@angusbezzina); the current version is v1.2.0.
More Skills