ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ClawClau

Async Claude Code task dispatcher via tmux. Use when ACP protocol fails or hangs. Spawns Claude Code in isolated tmux sessions, monitors completion, and retr...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 18 · 0 current installs · 0 all-time installs
by@BarryYJJ
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The scripts and required binaries (tmux, jq, claude) match the skill's stated purpose: dispatching Claude Code tasks in tmux. Requiring a 'claude' binary is expected. However there is a mismatch between the registry-level install spec (only brew tmux/jq) and the SKILL.md metadata (which also lists an npm package @anthropic-ai/claude-code to provide 'claude'); that discrepancy means automatic install may not provide the claude CLI the skill needs.
!
Instruction Scope
Runtime instructions and scripts write prompts/outputs to disk under CLAWCLAU_HOME, run the claude CLI with --dangerously-skip-permissions, and optionally call an 'openclaw' command if present. Writing raw prompts to disk can store secrets or sensitive data; --dangerously-skip-permissions bypasses interactive permission checks (explicitly warned but still dangerous in untrusted environments). The monitor/notify steps will invoke openclaw system event if available, which could forward information outside the local host. Also the SKILL.md examples and scripts use different defaults for CLAWCLAU_HOME (the README suggests ~/.clawclau while scripts default to ~/.openclaw/workspace/.clawdbot), which can cause the agent to write into an unexpected location.
!
Install Mechanism
Registry install specs show brew packages for tmux and jq only, but SKILL.md metadata adds an npm package to install the 'claude' CLI. That inconsistency could leave the required 'claude' binary uninstalled by the platform installer. The listed install sources themselves (brew and npm) are standard, but the mismatch across manifests is a red flag for deployment correctness.
Credentials
The skill requests no special environment variables or credentials, which is appropriate. However it defaults to a home inside ~/.openclaw/workspace/.clawdbot (scripts) while SKILL.md first-time setup shows ~/.clawclau — inconsistent defaults may cause the skill to read/write into the agent workspace used by other tools. Prompts and logs are stored on disk and may contain sensitive information; no encryption or access controls are provided.
Persistence & Privilege
The skill is not always-enabled and doesn't request special platform privileges. It creates local files under the user's CLAWCLAU_HOME and may be scheduled via cron (user action). Nothing in the manifest forces persistent global privileges. That said, the default path can place data in a shared '.openclaw' workspace which is surprising and should be confirmed.
What to consider before installing
This skill is functionally consistent with being an async dispatcher for a local 'claude' CLI, but several things to check before installing: - Ensure you will install a trusted 'claude' binary (the registry metadata doesn't consistently include the npm install; the SKILL.md recommends @anthropic-ai/claude-code). Do not run untrusted CLAUDE CLI builds. - Set CLAWCLAU_HOME explicitly to a directory you control (example: $HOME/.clawclau) to avoid the scripts writing into ~/.openclaw/workspace/.clawdbot by default. - Understand that prompts and all task outputs are written to disk (prompts/*.txt and logs/*.log). Do not send secrets in prompts unless you accept them being stored in plaintext on disk. - The scripts run claude with --dangerously-skip-permissions to avoid interactive prompts — only use this in fully trusted environments. - The monitor script optionally calls an 'openclaw system event' if the openclaw CLI exists; verify what that does in your environment to avoid unexpected notifications or telemetry. - Steering (tmux send-keys) may not work for non-interactive invocations; review whether you need interactive sessions and how you will secure those tmux sessions. Given these mismatches and data-handling risks, proceed only after addressing the install inconsistency and confirming your storage/location and trust boundaries.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.3
Download zip
latestvk976207h6jqem5tkdkjs2kgqgs833fhs

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🦞 Clawdis
Binstmux, jq, claude

Install

Homebrew
Homebrew

SKILL.md

ClawClau — Async Claude Code via tmux

Dispatch Claude Code tasks asynchronously through tmux. Bypasses ACP protocol deadlocks.

When to Use

Use ClawClau instead of sessions_spawn with runtime: "acp" when:

  • ACP initialization hangs (common with custom API proxies)
  • You need non-blocking task dispatch
  • You want to check results later without waiting

Do NOT use for:

  • Simple one-liner commands (use exec directly)
  • Tasks requiring real-time streaming output
  • Environments without tmux, jq, or Claude Code

First-Time Setup

# Set up the working directory
export CLAWCLAU_HOME="$HOME/.clawclau"
mkdir -p "$CLAWCLAU_HOME/logs"
echo '[]' > "$CLAWCLAU_HOME/active-tasks.json"

Add to shell profile for persistence:

echo 'export CLAWCLAU_HOME="$HOME/.clawclau"' >> ~/.zshrc

Configuration

VariableDefaultDescription
CLAWCLAU_HOME~/.openclaw/workspace/.clawdbotBase directory for registry and logs
CLAWCLAU_SHELLbashShell for launching Claude Code in tmux

Scripts

All scripts are in scripts/ relative to this skill directory. Set CLAWCLAU_HOME before calling.

Spawn a task

CLAWCLAU_HOME="$HOME/.clawclau" ./scripts/claude-spawn.sh <task-id> "<prompt>" [workdir] [timeout-seconds]
  • <task-id>: alphanumeric + dash/underscore only
  • <prompt>: the task for Claude Code
  • [workdir]: defaults to current directory
  • [timeout-seconds]: defaults to 600 (10 min)

Example:

CLAWCLAU_HOME="$HOME/.clawclau" ./scripts/claude-spawn.sh "refactor-auth" \
  "Refactor src/auth.ts to use JWT tokens instead of sessions" \
  "$HOME/my-project" 300

Check task status

CLAWCLAU_HOME="$HOME/.clawclau" ./scripts/claude-check.sh [task-id]

Without argument: lists all tasks. With argument: shows details + last output.

Get results

CLAWCLAU_HOME="$HOME/.clawclau" ./scripts/claude-result.sh <task-id>

Monitor (auto-detect completion)

CLAWCLAU_HOME="$HOME/.clawclau" ./scripts/claude-monitor.sh

Set up cron for automatic monitoring:

# crontab -e
*/2 * * * * CLAWCLAU_HOME="$HOME/.clawclau" /path/to/skills/clawclau/scripts/claude-monitor.sh

Kill a task

CLAWCLAU_HOME="$HOME/.clawclau" ./scripts/claude-kill.sh <task-id>

Steer a running task

CLAWCLAU_HOME="$HOME/.clawclau" ./scripts/claude-steer.sh <task-id> "<message>"

Note: steering only works with interactive Claude Code sessions, not claude -p.

Task Lifecycle

running → done     (tmux ended, log has content)
running → failed   (tmux ended, log empty)
running → timeout  (exceeded timeout)
running → killed   (manually terminated)

Security

claude-spawn.sh uses --dangerously-skip-permissions. Only use in trusted environments.

Files

7 total
Select a file
Select a file to preview.

Comments

Loading comments…