Shell Script
v2.3.4Shell脚本助手。脚本生成、逐行解释、调试排错、常用模板(备份/监控/部署)、一行命令、Bash速查表。Shell script generator, explainer, debugger, templates, one-liners, cheatsheet. Shell、Bash、Linux命令。
⭐ 0· 869·11 current·11 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (shell script generation, templates, linting, deploy/backup/monitor helpers) matches the bundled files: generators, lint/checker, and example templates. The included setup, deploy, monitor and backup scripts are coherent with the stated capabilities.
Instruction Scope
SKILL.md is an instruction-only manifest that simply advertises the helper and CLI usage; it does not tell the agent to read unrelated system files or exfiltrate secrets. However, the shipped scripts themselves perform filesystem, network (rsync/ssh/curl) and system administration actions if executed — those are within the scope of the helper but have side effects that require user caution.
Install Mechanism
No install spec is provided (instruction-only plus included scripts), so nothing is downloaded or executed automatically during install. This is lower-risk from an installation standpoint.
Credentials
The skill declares no required env vars or credentials. Some scripts assume the presence of SSH access/keys (deploy uses rsync/ssh) or root privileges (setup uses apt-get and edits system configs). Those assumptions are reasonable for deploy/setup tasks, but the skill does not request or provide credentials; the user must supply appropriate keys/privileges when running the scripts.
Persistence & Privilege
The skill is not always-enabled and does not request persistent elevated privileges. It includes scripts that, if executed by a user, will perform privileged/system changes (server init, editing sshd_config, enabling ufw, creating swap). This is expected for 'setup' functionality but requires explicit user action (sudo) and consent.
Assessment
This skill appears to be what it says: a shell/Bash helper with script templates, a linter, and generators. Before using: (1) Inspect generated scripts (especially setup.sh and deploy scripts) — they perform system-level changes (apt, ufw, sshd config, swap, rsync/ssh) and should only be run on systems you control. (2) Do not run setup scripts as root on production systems without review. (3) The deploy script assumes SSH access and will use your rsync/ssh credentials — ensure target host and user are correct. (4) Commented webhook examples exist; confirm no hard-coded secrets are present. If you want additional assurance, request the upstream source (repo/author) or run the scripts in a safe test environment first.Like a lobster shell, security has layers — review code before you run it.
chinesevk972v3d7c71qsz0ct5cfddx95982p58mlatestvk97dxqv8rf5h7m7nbv22jfargh832p6cproductivityvk972v3d7c71qsz0ct5cfddx95982p58m
License
MIT-0
Free to use, modify, and redistribute. No attribution required.