← 返回 Skills 市场
811
总下载
0
收藏
10
当前安装
1
版本数
在 OpenClaw 中安装
/install my-claw-shell
功能描述
Runs shell commands inside a dedicated tmux session named claw, returning the command output while restricting dangerous commands without confirmation.
安全使用建议
This skill will run arbitrary shell commands inside a tmux session named 'claw' and return the pane output — that is its core function and is implemented in handler.js. Before installing, consider: (1) the skill does not declare tmux as a required binary but requires it — ensure tmux is present and you understand where commands will run; (2) its "dangerous command" check is a simple substring heuristic and can miss destructive or exfiltrating commands (e.g., piping remote scripts into sh, use of other destructive tools), so do not rely on it as a safety guarantee; (3) because the skill executes whatever commands the agent or user provides (after approval), any command with network access or file access can exfiltrate data or change the system — prefer running this skill in a restricted/sandboxed environment or with explicit human confirmation for any non-trivial command; (4) if you expect automatic use by the agent, review policy for when the agent is allowed to run commands and consider requiring explicit user confirmation for dangerous patterns. To improve trust: require/declare tmux in the metadata, expand or harden dangerous-command detection, and add explicit guidance about sandboxing or privilege expectations.
功能分析
Type: OpenClaw Skill
Name: my-claw-shell
Version: 1.0.0
This skill is suspicious because it provides direct arbitrary shell command execution capabilities via `node:child_process.execSync` in `handler.js`. While it includes a blacklist (`isDangerous` function in `handler.js`) and instructions in `SKILL.md` for the agent to ask for user confirmation for certain commands, these safeguards are weak and easily bypassable. The blacklist is incomplete, and the agent's instructions are susceptible to prompt injection, allowing an attacker to execute arbitrary commands on the host system, leading to potential Remote Code Execution (RCE).
能力评估
Purpose & Capability
The skill's stated purpose is to run commands inside a tmux session named 'claw' and only touch that session. The implementation matches that intent (uses tmux has-session, send-keys, capture-pane). However, the registry metadata lists no required binaries while the code clearly depends on the tmux binary being present on the host. This is an incoherence that could cause runtime failures or hide the fact the skill will execute host tmux commands.
Instruction Scope
SKILL.md and handler.js keep scope to the 'claw' tmux session and return pane output as promised. The safety mechanism (isDangerous) returns an error prompting user confirmation for a short list of patterns, but this is a brittle heuristic that can miss many dangerous constructs (e.g., 'curl ... | sh', more shell metacharacters, alternate forms of destructive commands). The code executes arbitrary user-supplied commands by sending them to tmux, which is expected behavior but also means the skill will execute anything the agent or user passes once approval is granted.
Install Mechanism
There is no install spec (instruction-only style) which is low risk in general. But the code depends on an external native binary (tmux) and on Node's child_process execSync; the absence of a declared required binary (tmux) or any install guidance is an inconsistency and operational risk. No external downloads or obscure URLs are used.
Credentials
The skill requests no environment variables, credentials, or config paths, which is proportionate for its stated purpose.
Persistence & Privilege
The skill is not always-enabled and does not request elevated persistence or modify other skills or system-wide agent settings. It exposes an agent-invokable tool (normal default).
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install my-claw-shell - 安装完成后,直接呼叫该 Skill 的名称或使用
/my-claw-shell触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of my-claw-shell skill.
- Runs shell commands exclusively inside a dedicated tmux session named "claw"
- Returns output from the tmux session back to the agent
- Protects against dangerous commands, asking for user confirmation before executing commands like sudo, rm, reboot, or shutdown
- Provides a simple tool interface: `claw_shell_run(command)`
- Automatically creates and manages the "claw" tmux session as needed
元数据
常见问题
My Claw Shell 是什么?
Runs shell commands inside a dedicated tmux session named claw, returning the command output while restricting dangerous commands without confirmation. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 811 次。
如何安装 My Claw Shell?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install my-claw-shell」即可一键安装,无需额外配置。
My Claw Shell 是免费的吗?
是的,My Claw Shell 完全免费(开源免费),可自由下载、安装和使用。
My Claw Shell 支持哪些平台?
My Claw Shell 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 My Claw Shell?
由 biosaylom(@biosaylom)开发并维护,当前版本 v1.0.0。
推荐 Skills