← 返回 Skills 市场
fresh3

Taizi Claw Shell

作者 fresh3 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
256
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install taizi-claw-shell
功能描述
Runs shell commands inside a dedicated tmux session named 'claw', returning command output and prompting before destructive commands.
安全使用建议
This skill runs arbitrary shell commands and returns their output. Before installing, consider: 1) The skill requires tmux but does not declare it — ensure tmux is available and you accept that requirement. 2) The implementation uses node's execSync with the user command interpolated into a shell command; this can cause the host shell to evaluate parts of the input before tmux receives it (e.g., $(cmd), backticks, environment expansions, or other metacharacters), enabling unexpected or destructive host-side execution. 3) The 'dangerous command' check is basic and can be bypassed; the code only returns an error code that your agent must interpret rather than enforcing confirmation. Recommendations: only install if you trust the agent and users of the skill; ask the developer to (a) declare tmux in metadata, (b) avoid execSync with a shell (use spawn with argv or pass arguments to tmux directly to avoid shell expansion), and (c) implement an explicit confirmation step or server-side gating for destructive commands. If you cannot get these fixes, treat the skill as unsafe for untrusted input or production use.
功能分析
Type: OpenClaw Skill Name: taizi-claw-shell Version: 1.0.0 The skill provides a tool to execute arbitrary shell commands within a persistent tmux session. It is classified as suspicious due to a command injection vulnerability in handler.js, where the sendCommand function fails to sanitize shell metacharacters (e.g., backticks or dollar signs) before passing them to execSync. While the skill includes a basic safety blacklist (isDangerous) and instructions in SKILL.md to avoid destructive commands, the implementation is inherently high-risk and lacks robust input validation.
能力评估
Purpose & Capability
The SKILL.md and handler implement a tmux-backed shell, which is coherent, but the registry metadata lists no required binaries even though tmux is essential. The skill therefore underdeclares its footprint (tmux must be present).
Instruction Scope
SKILL.md promises to run commands only inside session 'claw' and to prompt before destructive commands. The handler largely follows that, but it uses execSync to invoke shell commands that incorporate the user-supplied command string. Because the code only escapes double quotes, shell metacharacters (e.g., $(...), `...`, $VAR, ;, &, |) can be interpreted by the invoking shell before tmux is called, meaning input can be executed on the host outside the tmux pane. The 'ask first' behavior is implemented only by returning an error token, not by enforcing an interactive confirmation.
Install Mechanism
Instruction-only with a small handler.js and no install spec — nothing is downloaded or written during installation. This is low install risk, but the skill still requires tmux at runtime (not declared).
Credentials
No environment variables, credentials, or config paths are requested; that is proportionate to the described purpose.
Persistence & Privilege
always is false and the skill does not request permanent presence or modify other skills or system config. Normal autonomous invocation is allowed by platform defaults.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install taizi-claw-shell
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /taizi-claw-shell 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of taizi-claw-shell. - Runs shell commands safely inside a dedicated tmux session named "claw". - Provides a single tool, `claw_shell_run`, for sending commands and reading back output. - Strictly avoids interfering with other tmux sessions. - Asks for user confirmation before executing potentially destructive commands (e.g., `sudo`, `rm`, `reboot`). - Ensures clear separation of safe and dangerous command handling.
元数据
Slug taizi-claw-shell
版本 1.0.0
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 1
常见问题

Taizi Claw Shell 是什么?

Runs shell commands inside a dedicated tmux session named 'claw', returning command output and prompting before destructive commands. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 256 次。

如何安装 Taizi Claw Shell?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install taizi-claw-shell」即可一键安装,无需额外配置。

Taizi Claw Shell 是免费的吗?

是的,Taizi Claw Shell 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Taizi Claw Shell 支持哪些平台?

Taizi Claw Shell 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Taizi Claw Shell?

由 fresh3(@fresh3)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论