ToxTunnel Ops
PassAudited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill Name: tox-tunnel-ops Version: 0.1.3 The tox-tunnel-ops skill bundle is a well-documented administrative tool for managing P2P TCP tunnels via the Tox network. It includes robust security guardrails, such as explicit instructions in SKILL.md for the AI agent to enforce minimum privilege, avoid broad wildcards in access control rules, and prevent unauthorized persistence. The provided diagnostic scripts (diagnose.sh and verify.sh) perform legitimate system checks and configuration validation without any signs of data exfiltration, obfuscation, or malicious intent. While the tool facilitates NAT traversal, the skill's design prioritizes secure configuration and user-authorized deployment.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A misconfigured tunnel could give remote access to SSH, databases, desktops, or internal web apps.
The skill is explicitly designed to create remote tunnels into internal services, which is powerful and dual-use, but this is disclosed as the main purpose.
Use when: remote SSH without port forwarding, NAT traversal, intranet penetration, exposing internal services, generating ToxTunnel config files...
Use this only for systems you own or administer, require friend-specific rules, avoid wildcard hosts or all-port rules, enable logging, and revoke access promptly.
Installing a downloaded network daemon with sudo means you are trusting that release artifact and its publisher.
The install guidance uses mutable latest GitHub release assets and privileged package installation.
wget "https://github.com/anonymoussoft/tox-tcp-tunnel/releases/latest/download/toxtunnel-Linux-${ARCH}-latest.deb"
sudo dpkg -i "toxtunnel-Linux-${ARCH}-latest.deb"Prefer pinned versions, verify checksums or signatures when available, review the project source/release provenance, and install from a trusted package source when possible.
A persistent tunnel can keep remote access available after the setup session ends.
The docs show how to make the tunnel run persistently as a service, while also stating that persistence should be explicit.
Only do this when the user explicitly asks for persistent service management... sudo systemctl enable toxtunnel... <key>KeepAlive</key><true/>... sc create ToxTunnel ... start= auto
Only enable persistence when needed, document the service, monitor logs, and know the exact stop/disable commands before enabling it.
If the identity file is copied or mishandled, access rules based on that identity may no longer represent the intended person or device.
ToxTunnel creates and relies on a persistent local identity file; protecting it is part of protecting tunnel access.
Back up `tox_save.dat` on both sides — it's the identity
Store data directories with restrictive permissions, treat tox_save.dat like a credential, and rotate identities or remove friend rules if it may be exposed.