Back to skill
Skillv1.0.0
ClawScan security
Tmux Remote Control · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 25, 2026, 3:18 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements, instructions, and included script are consistent with a tmux-based remote-control helper: it only needs tmux, captures pane output, and sends keystrokes; nothing indicates hidden exfiltration or unrelated privileges.
- Guidance
- This skill is coherent for controlling tmux sessions: it will create sessions, send keystrokes, and scrape pane output. Before installing, review the commands you plan to run via tmux (the skill will accept and forward arbitrary input), avoid running it with elevated privileges, and be cautious if you use the example flags like '--dangerously-skip-permissions' or '--full-auto' — those flags can bypass local safety checks of third-party agent CLIs. If you want extra assurance, inspect or run the included wait-for-text.sh script yourself; it only uses tmux and standard shell utilities.
Review Dimensions
- Purpose & Capability
- okThe name/description (remote-controlling tmux sessions) align with the declared dependency (tmux), the SKILL.md examples, and the included wait-for-text.sh script. Nothing requested (no extra binaries, env vars, or config paths) is out of scope for a tmux helper.
- Instruction Scope
- noteSKILL.md instructs creating and naming tmux sessions, sending keys, and capturing pane output — all expected. It also shows examples that launch local agent CLIs (e.g., 'claude --dangerously-skip-permissions', 'codex --full-auto'). Those examples encourage running arbitrary commands in the user's environment and using agent flags that bypass protections; this is a usage concern but not an incoherence with the skill's purpose.
- Install Mechanism
- okNo install spec; instruction-only plus a small included shell script. No external downloads or archive extraction. Low install risk.
- Credentials
- okNo environment variables, credentials, or config paths are requested. The script and docs use only tmux and standard shell tools, which is proportional to the functionality.
- Persistence & Privilege
- okThe skill does not request always:true and does not modify other skills or system settings. It will create tmux sessions with an 'oc-' prefix (documented) but otherwise has no elevated persistence requirements.