← Back to Skills Marketplace
90
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install openclaw-claudecode
Description
Control Claude Code (cc) via tmux to execute development tasks. Use for: starting CC development sessions, sending development commands, monitoring progress,...
Usage Guidance
This skill appears to do what it says, but it contains several risky or under-documented actions. Before installing or running it:
- Do not blindly run curl | sh; inspect the remote install script or prefer npm install from a trusted package.
- Avoid using --dangerously-skip-permissions and automated 'y' confirmations unless you fully trust the commands Claude will run. These flags can cause destructive or network-exfiltrating actions to proceed without human review.
- The SKILL.md references ANTHROPIC_API_KEY and 'claude /login' but the registry metadata doesn't declare required env vars; ensure you provide and protect the correct API credentials and never paste secrets into commands or public logs.
- Creating system users and setting passwords via chpasswd is a privileged action; run these steps in a controlled environment (VM or container), not on production hosts.
- If you plan to allow autonomous invocation, restrict it until you confirm the install source and remove the auto-confirm behaviors.
If you want a lower-risk setup, ask the author for: a trustworthy source/release for Claude Code, explicit required environment variables, safer defaults (no --dangerously flags), and a mode that requires manual confirmation for privileged operations.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-claudecode
Version: 1.1.0
The skill automates Claude Code via tmux, requiring high-privilege actions like package installation (apt/dnf), user creation (useradd), and the use of the '--dangerously-skip-permissions' flag which bypasses all safety confirmations within the Claude Code CLI. While these actions align with the stated goal of automated development, the combination of root-level setup and unconstrained sub-agent execution presents a significant security risk. (File: SKILL.md)
Capability Tags
Capability Assessment
Purpose & Capability
The name/description (control Claude Code via tmux for development tasks) matches the runtime instructions: creating tmux sessions, sending commands, monitoring output, and managing sessions. Creating a non-root user to run CC is explained and logically consistent with the stated purpose.
Instruction Scope
The SKILL.md instructs the agent (and operator) to install packages, create system users, set passwords via chpasswd (plaintext in commands), run external installer scripts, use an explicit flag (--dangerously-skip-permissions) to bypass confirmations, and automate sending confirmation keystrokes. These actions go beyond simple orchestration of a CLI tool and grant broad ability to perform privileged system changes and to auto-accept prompts, which could cause unintended destructive or exfiltrative operations.
Install Mechanism
Although there is no formal install spec, the runtime instructions advise installing Claude Code by piping a remote script (curl -fsSL https://claude.ai/install.sh | sh) — a high-risk pattern because it executes code fetched from the network without provenance checks. npm -g install is reasonable, but the unvetted curl|sh install is disproportionate and risky for an instruction-only skill.
Credentials
requires.env is empty in registry metadata, but SKILL.md refers to authentication and an ANTHROPIC_API_KEY (and suggests running 'claude /login'), and also suggests embedding plaintext passwords in chpasswd commands. The skill implicitly needs credentials but doesn't declare them; that mismatch and the plaintext-password pattern are disproportionate and raise risk of accidental credential exposure.
Persistence & Privilege
The skill does not request always:true and does not modify other skills, which is good. However it instructs privileged operations (package installs, useradd, chpasswd, su) that require root. Also the combination of autonomous invocation (default allowed) plus instructions to auto-confirm prompts and use --dangerously-skip-permissions increases blast radius if the agent is allowed to run these steps without human supervision.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-claudecode - After installation, invoke the skill by name or use
/openclaw-claudecode - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
openclaw-claudecode 1.1.0
- removed passwordless sudo suggestion.
* Follow GitHub Updates: https://github.com/fanzhidongyzby/openclaw-claudecode.git
v1.0.0
openclaw-claudecode 1.0.0 Released
- Control Claude Code (cc) via tmux to execute development tasks.
Metadata
Frequently Asked Questions
What is OpenClaw ClaudeCode Controller?
Control Claude Code (cc) via tmux to execute development tasks. Use for: starting CC development sessions, sending development commands, monitoring progress,... It is an AI Agent Skill for Claude Code / OpenClaw, with 90 downloads so far.
How do I install OpenClaw ClaudeCode Controller?
Run "/install openclaw-claudecode" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw ClaudeCode Controller free?
Yes, OpenClaw ClaudeCode Controller is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does OpenClaw ClaudeCode Controller support?
OpenClaw ClaudeCode Controller is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw ClaudeCode Controller?
It is built and maintained by Florian (@fanzhidongyzby); the current version is v1.1.0.
More Skills