idienet

My Shell

Author: IdIeNet · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
Total downloads: 401
Favorites: 0
Current installs: 3
Versions: 1
Install in OpenClaw
/install my-shell
Description
Runs shell commands inside a dedicated tmux session named claw, captures output, and prompts before executing potentially destructive commands.
Security recommendations
Don't install this skill into sensitive agents as-is. The handler constructs a shell command string and only escapes double quotes, so user-supplied content containing shell substitutions (e.g., $(...), `...`, $VAR expansions) will be executed by the host shell before tmux receives the input — this is an RCE risk. The 'dangerous' filter is a simple substring check and can be bypassed by common command forms. If you need this functionality: (1) ask the author to stop using execSync with a single command string and instead use a subprocess API that avoids a shell (e.g., child_process.spawn or execFile with argument arrays, or execSync with shell disabled), or at minimum properly escape/validate all special shell metacharacters; (2) strengthen the dangerous-command detection and require explicit user confirmation for destructive commands; (3) run the skill in an isolated, non-root container or sandboxed environment and avoid running on hosts with sensitive data. If you cannot get those fixes, treat the skill as unsafe and do not give it access to agents running on production or privileged hosts.
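The two calling styles contrasted in recommendation (1), as an added example; this is not the skill's handler.js, whose source is not shown on this page. `printf` stands in for `tmux send-keys` so the block runs without tmux, and every function name and the sample input are constructed for illustration.

```javascript
// Added example: hypothetical names, not taken from the skill's handler.js.
const { execSync, execFileSync } = require('node:child_process');

// The pattern the analysis describes: escape only double quotes, then
// interpolate the input into one command string that a host shell parses.
function quoteOnlyEscape(input) {
  return input.replace(/"/g, '\\"');
}

// printf echoes back exactly what it was handed, so its output shows what the
// receiving program (tmux, in the skill) would get once the host shell is done.
function viaShellString(input) {
  return execSync(`printf %s "${quoteOnlyEscape(input)}"`, { encoding: 'utf8' });
}

// No shell involved: the input is one argv entry, passed through byte for byte.
function viaArgv(input) {
  return execFileSync('printf', ['%s', input], { encoding: 'utf8' });
}

// Argument vectors a shell-free handler could pass to execFileSync('tmux', ...).
// -l sends the text literally (no key-name lookup); Enter is sent separately.
function tmuxSendArgv(command, session = 'claw') {
  return [
    ['send-keys', '-t', session, '-l', '--', command],
    ['send-keys', '-t', session, 'Enter'],
  ];
}

// Constructed, harmless inputs: the inner echo only prints a marker.
const samples = ['echo $(echo HOST_SIDE)', 'echo `echo HOST_SIDE`'];

function compare(input) {
  return { input, shellString: viaShellString(input), argv: viaArgv(input) };
}

for (const s of samples) {
  console.log(compare(s));
}
```

In the `shellString` result the substitution has already run on the host before the receiving program sees the text; in the `argv` result the text arrives unchanged and is only interpreted inside the tmux pane. `execSync` always goes through a shell, so the synchronous shell-free call is `execFileSync`.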
Functional analysis
Type: OpenClaw Skill
Name: my-shell
Version: 1.0.0
The skill provides a persistent shell interface via tmux, which is a high-risk capability. The implementation in handler.js contains a command injection vulnerability because it uses execSync with insufficient sanitization (only escaping double quotes, leaving backticks and subshells vulnerable). While it includes a basic safety filter (isDangerous), the overall design allows for arbitrary code execution on the host beyond the intended tmux session.
Capability assessment
Purpose & Capability
Name, description, SKILL.md, and handler.js all align: the skill runs arbitrary shell commands in a tmux session named 'claw' and returns pane output. No unrelated credentials, binaries, or install steps are requested.
Instruction Scope
SKILL.md limits scope (only session 'claw', prompts for destructive commands) but the runtime code does not reliably enforce these constraints. The dangerous-command check is string-based and easily bypassed (e.g., common forms like 'rm -rf /' are not always detected). More critically, the code builds a shell command string and only escapes double quotes, so constructs like $(...) or backticks inside the input will be interpreted by the host shell before being sent to tmux, allowing immediate host-side command execution outside the tmux target.
Install Mechanism
No install spec; this is an instruction/code-only skill and does not download or write additional artifacts during installation.
Credentials
The skill requests no environment variables, credentials, or config paths — this is proportionate to its stated purpose.
Persistence & Privilege
always:false (no forced always-on). The skill can be invoked autonomously (platform default). Combined with the implementation vulnerability, autonomous invocation increases risk because the agent could be induced to run crafted inputs that execute on the host.
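How to use
  1. Make sure OpenClaw is installed (locally or deployed with Docker)
  2. Enter the install command in the chat box: /install my-shell
  3. Once installation completes, call the Skill by name or trigger it with /my-shell
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history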
v1.0.0
claw-shell 1.0.0 initial release
- Introduces a shell command tool that always runs inside tmux session named `claw`.
- Ensures only the `claw` session is used and never interacts with other tmux sessions.
- Returns the output of shell commands back to the agent after execution.
- Implements safety checks prohibiting commands like `sudo`, `rm` (without confirmation), `reboot`, and `shutdown`; requests user confirmation before running dangerous commands.
Metadata
Slug my-shell
Version 1.0.0
License
Total installs 3
Current installs 3
Historical versions 1
FAQ

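What is My Shell?

Runs shell commands inside a dedicated tmux session named claw, captures output, and prompts before executing potentially destructive commands. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 401 total downloads to date.

How do I install My Shell?

Run the command "/install my-shell" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is needed.

Is My Shell free?

Yes, My Shell is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does My Shell support?

My Shell runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed My Shell?

It is developed and maintained by IdIeNet (@idienet); the current version is v1.0.0.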
