ClawHub

Cli Agent Architecture

v1.0.0

Teach the two-layer CLI architecture enabling AI agents to run shell commands natively with lossless execution and adaptive LLM presentation.

0· 48·1 current·1 all-time
by@1477009639zw-blip
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (two-layer CLI architecture) align with the included SKILL.md and the three helper scripts (binary_guard.py, stderr_capture.py, truncator.py). There are no unrelated required env vars, binaries, or external installs — the provided code implements exactly the Layer 2 presentation behaviors described.
Instruction Scope
SKILL.md explicitly instructs the agent to use a single run(command="...") primitive and to preserve lossless Layer 1 execution while applying Layer 2 presentation. The instructions do not ask the agent to read unrelated user files or environment variables, nor to contact external endpoints. However, by design it advocates running arbitrary shell commands (the core purpose), which inherently lets the agent access system files and could surface secrets if commands touch sensitive data.
Install Mechanism
No install spec is provided (instruction-only with bundled scripts). That is the lowest-risk install model — nothing is downloaded or executed at install time. The code files are plain Python with no network calls or obfuscated components.
Credentials
The skill declares no required environment variables, credentials, or config paths. The scripts operate on stdin/stdout and temporary files only, so requested environment access is proportional to the stated purpose.
Persistence & Privilege
The skill does not request persistent agent presence (always:false) and does not modify other skills. The truncator and binary-guard write full outputs to temporary files (mkstemp, /tmp style paths) and print the temp path back; those temp files can persist on disk and may contain sensitive output. This is an expected behavior for presenting large outputs, but it is a data-leakage/privacy consideration.
Assessment
This package is internally consistent with its stated purpose, but it enables and encourages running arbitrary shell commands and writes full outputs to temporary files. Before using: (1) Review the three scripts (they are readable and do not perform network I/O), (2) run the agent in a sandboxed environment or under a user with minimal privileges (do not run as root), (3) be aware that truncated/full-output temp files may persist on disk and could contain secrets—implement cleanup or restrict filesystem access, and (4) avoid pointing the agent at sensitive workspaces (password stores, private keys, production systems) unless you explicitly trust and control the execution environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fx89g0748ctc857r1fb1ksh83tqyd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments