GPU CLI: Remote GPU Compute for ML Training and Inference
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its GPU-compute purpose, but its wrapper can automatically run an unscoped `gpu stop -y` cleanup after timeouts or cancellations, which could affect paid GPU resources without a separate confirmation.
Before installing, verify the external GPU CLI source, keep dry-run and confirmation enabled, review any paid `gpu run` command carefully, and be aware that timeout/cancel cleanup may issue `gpu stop -y` unless the publisher scopes or changes that behavior.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A timed-out or cancelled command could stop GPU resources unexpectedly, potentially interrupting other jobs or losing remote work depending on how `gpu stop` behaves.
On timeout or cancellation, the wrapper automatically runs `gpu stop -y` without showing a resource ID or scoping it to a pod created by this invocation. The `-y` flag also bypasses confirmation.
if [[ $EXIT -eq 124 || $EXIT -eq 130 ]]; then echo_warn "Command interrupted or timed out; attempting cleanup with 'gpu stop -y'" gpu stop -y || true fi
Scope cleanup to the specific resource started by the current command, require confirmation before unscoped stops, or make automatic cleanup opt-in.
If enabled and confirmed, the agent can start GPU jobs that may incur provider costs.
The skill intentionally exposes a local command wrapper that can start remote GPU workloads and paid resources. This is disclosed and guarded by dry-run/confirmation settings, but it remains a high-impact capability.
Runs `gpu` commands you specify (e.g., `runner.sh gpu status --json`, `runner.sh gpu run python train.py`). ... You pay your provider directly; this may start paid pods.
Keep dry-run and confirmation enabled by default, review command previews carefully, and set conservative price/runtime caps.
Commands run under the provider account already configured for the local `gpu` CLI.
The skill relies on the user's existing `gpu` CLI authentication/provider context. That is expected for this integration, and the artifacts do not show credential logging or exfiltration.
The skill does **not** handle credentials, secrets, or network connections directly — all of that is delegated to the `gpu` binary, which manages its own authentication and encrypted transport.
Use a least-privileged provider account or project where possible, and avoid running auth/config commands unless needed.
Installing the external GPU CLI gives that software local execution and provider-account authority.
The wrapper suggests installing the required external CLI through a remote shell script. This is user-directed and purpose-aligned, but users should verify the source before running it.
Please install: curl -fsSL https://gpu-cli.sh/install.sh | sh
Verify the installer URL, repository, checksums or package signatures, and prefer a pinned package-manager install if available.
A local GPU CLI daemon may continue running after the agent task finishes.
The wrapper may start the local `gpu` daemon automatically as remediation. This is disclosed in code and related to the GPU CLI purpose, but it can create a background process beyond the immediate command.
echo_warn "Daemon connection error (13). Attempting 'gpu daemon start' then retry." gpu daemon start || true
Document this behavior prominently and provide a clear command or setting to disable or stop the daemon if users do not want background processes.