ClawHub

GPU CLI: Remote GPU Compute for ML Training and Inference

v1.2.0

Safely run local `gpu` commands via a guarded wrapper (`runner.sh`) with preflight checks and budget/time caps.

1· 476·1 current·1 all-time
byAngus Bezzina@angusbezzina
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to run the local 'gpu' binary with guardrails and the bundle contains a wrapper (runner.sh), tests, docs, and a manifest matching that goal. It does not request unrelated credentials, binaries, or network permissions.
Instruction Scope
SKILL.md restricts allowed tools to the bundled runner and read-only access; runner.sh enforces a prefix and subcommand allowlist, a metacharacter blocklist, dry-run/confirmation gates, price/runtime caps, and direct exec of the gpu binary. This stays inside the stated scope. Minor note: some parsing (sed/grep/jq fallbacks and read -ra splitting) is best-effort and brittle in edge cases—this is a robustness concern, not an evidence of malicious behavior.
Install Mechanism
No install spec is provided (instruction-only), so nothing is downloaded or written by the skill itself. The runner.sh prints a suggested install command for the external 'gpu' binary (a curl | sh URL) only in an error message — that is not executed by the skill but is a user-visible suggestion you should verify before running.
Credentials
The skill does not request secrets or external service credentials. It exposes configuration via SKILL_* env vars (dry-run, caps, confirm, etc.) which are reasonable for this wrapper. It delegates networking and auth to the user-installed 'gpu' CLI, which is expected for this purpose.
Persistence & Privilege
The skill is not always-on and does not request elevated privileges or system-wide config changes. It may invoke 'gpu daemon start' via the gpu binary (to remediate transient errors) which can create background processes — this behavior is consistent with managing GPU jobs and is attributable to the gpu CLI rather than the skill itself.
Assessment
This skill appears to do exactly what it says: run the local 'gpu' CLI through a guarded wrapper. Before installing/using it: 1) review and keep dry-run on until you trust it (SKILL_DRY_RUN=true); 2) don't set SKILL_CONFIRM=yes unless you understand the cost implications (it can start paid pods via your provider); 3) verify and install the 'gpu' binary from a trusted source (the runner prints a curl | sh URL—treat that like any remote installer and inspect it first); 4) be aware the wrapper delegates networking and auth to the gpu binary, so you should audit/confirm that binary and its credentials separately; 5) if you rely on complex argument parsing, test edge cases (quoting, unusual gpu-type strings) because the script uses simple text parsing and fallbacks that may be brittle.

Like a lobster shell, security has layers — review code before you run it.

latestvk976qeqjs0eeqsfkkyfv11tjg1832vmf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments