Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Terminal Killer
v1.2.0
Intelligent shell command detector and executor for OpenClaw. Automatically identifies terminal commands (system builtins, $PATH executables, history matches...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (high confidence)
Purpose & Capability
Name/description (detect + execute shell commands) match the actual implementation: detector, executor, interactive opener. Executing commands with the user's environment, checking $PATH and shell history, and opening new terminal windows are coherent with the stated goal.
Instruction Scope
Runtime instructions and code explicitly source user shell init files (e.g. ~/.zshrc, ~/.bashrc) and read shell history (~/.zsh_history, ~/.bash_history). Sourcing init files executes whatever is in them; reading history and command outputs may surface secrets. These behaviors extend beyond simple command detection and create a sensitive read/execute surface that users should expect but be cautious about.
Install Mechanism
No installer or remote downloads; this is an instruction+code bundle that runs locally. That lowers supply-chain risk because nothing is fetched at install time.
Credentials
The skill requests no explicit credentials, but it inherits process.env and deliberately sources shell init files to obtain PATH and env vars, and it reads shell history files. Those actions are plausible for running user commands, but they give the skill access to sensitive local data (history, env vars, and any code executed during sourcing). The skill also logs commands and outputs (per README/SKILL.md), which may record secrets.
Persistence & Privilege
always:false (good), but the skill can be invoked autonomously by the agent (default). Combined with the ability to execute arbitrary shell commands and to source init files / read histories / open terminals, this gives a high blast radius if misclassification or malicious inputs occur. The skill does not modify other skills or system configs, but its execution privileges are powerful.
What to consider before installing
This skill does what it says — it will detect and run shell commands using your real shell environment. That requires sourcing your dotfiles (~/.zshrc, ~/.bashrc) and reading shell history; both are legitimate for this task but are risky because dotfiles can run arbitrary code and history or command outputs may contain secrets (API keys, tokens, passwords). Before installing or enabling:
1) Review the source (you have it) and confirm you trust the author;
2) Inspect your shell init files for unexpected network calls or side effects (and consider running the skill under a sanitized shell or user);
3) Disable or restrict logging or ensure logs (~/.openclaw/logs/...) are stored securely;
4) Configure the skill to require interactive approval for execution (raise the confidence threshold or force approval for anything non-trivial) and avoid enabling fully autonomous execution if you cannot audit every invocation;
5) If you need minimal privilege, prefer not to allow it to source dotfiles or to limit MAX_HISTORY_CHECK to 0.
If you want to proceed but are unsure, keep it disabled by default and only run detect-only tests (node scripts/detect-command.js) rather than executing commands.
Like a lobster shell, security has layers — review code before you run it.
