← 返回 Skills 市场
claw-shell
作者
imaginelogo
· GitHub ↗
· v1.0.0
13572
总下载
8
收藏
304
当前安装
1
版本数
在 OpenClaw 中安装
/install claw-shell
功能描述
Runs shell commands inside a dedicated tmux session named claw, captures, and returns the output, with safety checks for destructive commands.
安全使用建议
Install only if you intentionally want the agent to have local shell access. Use it in a disposable or sandboxed environment, approve commands carefully, avoid displaying secrets in the tmux session, and inspect or kill the claw tmux session when finished.
功能分析
Type: OpenClaw Skill
Name: claw-shell
Version: 1.0.0
This skill is classified as suspicious due to its core functionality of executing arbitrary shell commands via `tmux send-keys` in `handler.js`. While the `SKILL.md` and `handler.js` include basic client-side checks for 'dangerous' commands (e.g., `sudo`, `rm`, `reboot`) and instruct the AI agent to seek user confirmation, these checks are easily bypassable (e.g., by using `sh -c 'rm -rf /'`). The ability to run any shell command grants broad system access, enabling potential data exfiltration, persistence, or other malicious activities, even if not explicitly coded into the skill itself.
能力评估
Purpose & Capability
The purpose is coherent and disclosed: run shell commands in a dedicated tmux session and return output. However, that is broad local command execution with the user's privileges, including the ability to read or modify files, access network tools, and start processes.
Instruction Scope
SKILL.md says dangerous commands require user confirmation, but handler.js only uses a narrow substring denylist and has no robust approval boundary or allowlist for mutating commands.
Install Mechanism
The artifact has only SKILL.md and handler.js, with no install script or hidden setup. It depends on tmux, but the package metadata does not clearly declare that dependency.
Credentials
A shell runner naturally needs command execution, but this implementation is not sandboxed, not limited to a working directory, and sends user-controlled command text through execSync-based shell interpolation before tmux receives it.
Persistence & Privilege
The skill creates or reuses a persistent tmux session named claw and captures the last 200 pane lines, so long-running processes and prior terminal output can persist across tool calls.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install claw-shell - 安装完成后,直接呼叫该 Skill 的名称或使用
/claw-shell触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
claw-shell 1.0.0 initial release:
- Provides an interface to run shell commands exclusively inside a tmux session named claw.
- Always creates or attaches to the session, ensuring isolation from other tmux sessions.
- Captures and returns command output to the agent.
- Includes safety checks: blocks potentially dangerous commands (e.g., sudo, rm, shutdown) unless user confirms.
- Simple, single-tool interface (`claw_shell_run`) with clear command input and safety guidance.
元数据
常见问题
claw-shell 是什么?
Runs shell commands inside a dedicated tmux session named claw, captures, and returns the output, with safety checks for destructive commands. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 13572 次。
如何安装 claw-shell?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install claw-shell」即可一键安装,无需额外配置。
claw-shell 是免费的吗?
是的,claw-shell 完全免费(开源免费),可自由下载、安装和使用。
claw-shell 支持哪些平台?
claw-shell 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 claw-shell?
由 imaginelogo(@imaginelogo)开发并维护,当前版本 v1.0.0。
推荐 Skills