← Back to Skills Marketplace

ssh-agentd-control

Name: ssh-agentd-control
Author: offlinecat-dev

by offlinecat · GitHub ↗ · v0.1.0

cross-platform ⚠ suspicious

427

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install ssh-agentd-control

Description

管理并使用本地 ssh-agentd（systemd 常驻 + API 调用 + 连通性验证）。当用户提到 ssh-agentd、持久 SSH 会话、/run /upload /tail_logs、开机自启、会话状态/指标排查时使用。

Usage Guidance

This skill appears to do what it says: help manage a local ssh-agentd service and call its HTTP API. Before installing or using it: (1) verify the hard-coded paths (e.g., /home/krex/...) and update them to match your environment; (2) review the systemd unit and hosts.yaml on the target machine so you trust what the agent can do; (3) treat SSH_AGENTD_TOKEN like any secret — do not store it in files checked into repos and prefer short-lived tokens with minimal scope; (4) be aware the script unsets proxy variables/uses --noproxy '*' (this is to reach localhost but effectively bypasses proxies/monitoring); (5) remember many commands require sudo and the agent can trigger remote command execution via /run, so limit who can invoke the skill and audit usage. If you need higher assurance, request the publisher declare SSH_AGENTD_TOKEN/SSH_AGENTD_URL as optional env vars in metadata and replace hard-coded paths with configurable defaults.

Capability Analysis

Type: OpenClaw Skill Name: ssh-agentd-control Version: 0.1.0 The skill provides direct instructions in SKILL.md for the agent to execute privileged `sudo systemctl` commands locally and, more critically, to use the `ssh-agentd` service's `/run` API endpoint to execute arbitrary commands on remote hosts. This is demonstrated by the `{"host":"nas","cmd":"hostname && whoami","timeoutSec":10}` example in SKILL.md. While these capabilities might be intended for legitimate system administration, they present a significant prompt injection vulnerability, allowing an attacker to instruct the agent to inject malicious commands into the `cmd` parameter, leading to remote code execution on target hosts or privileged local actions.

Capability Assessment

ℹ Purpose & Capability

The name/description match the provided instructions and script: systemctl commands, local API calls, and connectivity checks. Minor oddity: SKILL.md references hard-coded user-specific paths (/home/krex/...) which makes the skill environment-specific and may not work on other machines or leak path assumptions.

✓ Instruction Scope

Instructions tell the agent to run systemctl, inspect sockets, and call the local API (including running remote commands through the agent). All of these are coherent with managing ssh-agentd. Note: the skill suggests running privileged commands (sudo) and will invoke operations that can execute arbitrary commands on hosts via the agent's /run endpoint — expected for this tool but powerful, so exercise caution.

✓ Install Mechanism

No install spec (instruction-only) and only a small helper script are included, so nothing is downloaded or written to disk at install time beyond the provided files.

ℹ Credentials

Registry metadata lists no required env vars, but the script and examples use SSH_AGENTD_TOKEN and optionally SSH_AGENTD_URL. This is reasonable (token is optional if API auth is disabled), but the skill should document these env vars in its manifest. The script intentionally unsets proxy env vars/uses --noproxy to reach localhost; while sensible to avoid proxy interception, this behavior can bypass network monitoring in some environments and is worth noting.

✓ Persistence & Privilege

The skill does not request always:true or persistent privileges. It instructs administrators to run systemctl (sudo) for enabling/restarting the service — appropriate for managing a systemd service. The skill does not modify other skills or global agent settings.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install ssh-agentd-control
After installation, invoke the skill by name or use /ssh-agentd-control
Provide required inputs per the skill's parameter spec and get structured output

Version History

v0.1.0

initial release

Metadata

Slug ssh-agentd-control

Version 0.1.0

License —

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is ssh-agentd-control?

管理并使用本地 ssh-agentd（systemd 常驻 + API 调用 + 连通性验证）。当用户提到 ssh-agentd、持久 SSH 会话、/run /upload /tail_logs、开机自启、会话状态/指标排查时使用。 It is an AI Agent Skill for Claude Code / OpenClaw, with 427 downloads so far.

How do I install ssh-agentd-control?

Run "/install ssh-agentd-control" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is ssh-agentd-control free?

Yes, ssh-agentd-control is completely free (open-source). You can download, install and use it at no cost.

Which platforms does ssh-agentd-control support?

ssh-agentd-control is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created ssh-agentd-control?

It is built and maintained by offlinecat (@offlinecat-dev); the current version is v0.1.0.

More Skills