← Back to Skills Marketplace
1421
Downloads
0
Stars
15
Active Installs
2
Versions
Install in OpenClaw
/install terminal-executor
Description
Execute terminal commands with optional sudo privileges and return the command output safely upon user request.
Usage Guidance
This skill legitimately runs arbitrary shell commands (including prefixed with sudo). Before installing, confirm you trust the author and environment where it will run. Consider: 1) avoid running the skill with sensitive account access or secrets available in the environment; 2) require explicit human confirmation before any destructive or privileged commands — the skill's docs suggest this but do not enforce it; 3) review the code (tools/exec.js and tools/sudo_exec.js) and, if possible, run in a sandbox or VM first; 4) be aware that command output may leak secrets or system data, and sudo commands may prompt for credentials or fail silently. If you need stricter controls, prefer a wrapper that enforces command whitelisting and explicit confirmations.
Capability Analysis
Type: OpenClaw Skill
Name: terminal-executor
Version: 1.0.1
The skill provides arbitrary shell command execution capabilities, including a dedicated tool for sudo access (tools/sudo_exec.js and tools/exec.js). While these tools align with the stated purpose of a 'terminal executor,' they grant the AI agent unconstrained control over the host system without any input sanitization or command filtering, posing a significant risk of Remote Code Execution (RCE). No evidence of intentional malicious payloads, exfiltration, or obfuscation was found.
Capability Assessment
Purpose & Capability
Name, description, SKILL.md, and included code (exec and sudo_exec) all align: the skill exists to run terminal commands and provide outputs. There are no unrelated environment variables, external downloads, or unexpected capabilities declared.
Instruction Scope
SKILL.md and the code allow execution of arbitrary shell commands and sudo-prefixed commands. This is within the declared purpose, but the instructions rely on the agent/user to confirm sensitive actions (no programmatic confirmation enforcement). Returned command output may contain secrets or sensitive system information; the skill does not sanitize or limit outputs.
Install Mechanism
No install spec or external downloads; the skill is instruction/code-only and uses local Node.js modules. Nothing is written to disk beyond the provided files.
Credentials
The skill requests no credentials or config paths, which matches its purpose. However, child processes inherit process.env (the code passes process.env to commands), so executed commands can read environment variables and local files — a natural capability for any command runner but a privacy/safety concern in practice.
Persistence & Privilege
always is false and the skill does not request persistent system changes or modify other skills. It does allow autonomous invocation (platform default), which combined with arbitrary command execution is a runtime risk but is not unusual for this category of skill.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install terminal-executor - After installation, invoke the skill by name or use
/terminal-executor - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Added metadata file (_meta.json) for the skill.
- No changes to the skill's documentation or functionality.
v1.0.0
Initial release of terminal-executor.
- Supports executing terminal commands and commands requiring sudo privileges.
- Provides two main tools: exec (standard commands) and sudo_exec (sudo commands).
- Activated when users need to run system commands, install software, or check system status.
- Safety guidelines included: prompts confirmation for sensitive actions and logs command history.
- Example use cases provided for system info, software installation, and process monitoring.
Metadata
Frequently Asked Questions
What is Terminal Executor?
Execute terminal commands with optional sudo privileges and return the command output safely upon user request. It is an AI Agent Skill for Claude Code / OpenClaw, with 1421 downloads so far.
How do I install Terminal Executor?
Run "/install terminal-executor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Terminal Executor free?
Yes, Terminal Executor is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Terminal Executor support?
Terminal Executor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Terminal Executor?
It is built and maintained by Choas (@choasx); the current version is v1.0.1.
More Skills