ClawHub
Back to skill
v1.0.0

Ssh Essentials

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 4:56 AM.

Analysis

This is a coherent instruction-only SSH reference, but it includes powerful SSH options that can affect credentials, remote systems, tunnels, and file deletion if used carelessly.

GuidanceThis skill appears safe as an SSH command reference, with no code or install step. Before using it, treat the examples as powerful commands: avoid agent forwarding and StrictHostKeyChecking=no unless you understand the risk, run rsync --dry-run before delete syncs, and stop any background tunnels when finished.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityMediumConfidenceHighStatusNote
SKILL.md
ssh -o "StrictHostKeyChecking=no" myserver

The guide includes an example that disables SSH host-key verification. This is a known SSH option and is disclosed, but it can weaken server identity checks if copied without understanding the tradeoff.

User impactUsing this option can make it easier to connect to the wrong server or fall for a man-in-the-middle attack.
RecommendationAvoid disabling host-key checking unless you have a specific, temporary reason and can verify the server identity another way.
Cascading Failures
SeverityMediumConfidenceHighStatusNote
SKILL.md
rsync -avz --delete /local/dir/ user@hostname:/remote/dir/

The skill documents rsync mirroring with --delete, which can propagate local deletions to a remote directory. This is purpose-aligned for file synchronization but can have broad impact if paths are wrong.

User impactA mistaken source, destination, or delete sync could remove files on a remote system.
RecommendationUse --dry-run first, confirm both paths and hostnames, and keep backups before running destructive sync commands.
Rogue Agents
SeverityLowConfidenceHighStatusNote
SKILL.md
ssh -f -N -L 8080:localhost:80 user@hostname

The guide includes a background SSH tunnel command. Background tunnels are expected in SSH tunneling guidance, but they can continue running after the immediate task.

User impactA background tunnel may keep exposing or forwarding a local or remote service until it is stopped.
RecommendationTrack background SSH processes, close tunnels when no longer needed, and avoid forwarding sensitive services unless necessary.
Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceHighStatusNote
SKILL.md
ssh-keygen -t ed25519 -C "your_email@example.com"
ssh-copy-id user@hostname
ssh-add ~/.ssh/id_rsa
rsync -avz /local/dir/ user@hostname:/remote/dir/

The runtime instructions reference several helper binaries, while the registry metadata declares only ssh as required. This is a dependency declaration gap for an instruction-only skill, not evidence of hidden code.

User impactSome examples may fail or require extra local tools that are not declared in the registry requirements.
RecommendationConfirm each command is available and intended before use; the skill metadata should ideally list optional helper tools used by the examples.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityMediumConfidenceHighStatusNote
SKILL.md
ssh -A user@hostname
...
IdentityFile ~/.ssh/id_prod
ForwardAgent yes

The skill explicitly documents use of local SSH identities and agent forwarding. This is expected for an SSH skill, but it delegates authentication capability to chosen remote hosts.

User impactIf agent forwarding is used with an untrusted or compromised host, that host may be able to request authentication using your loaded SSH keys during the session.
RecommendationUse agent forwarding only for trusted hosts, prefer per-host keys, use key passphrases and limited ssh-agent lifetimes, and confirm the destination before connecting.