Use DeepSeek TUI CLI as an autonomous code assistant
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill is transparently a DeepSeek code-assistant wrapper, but its interactive mode can let an external CLI read and change your project and run shell commands without clear sandboxing or per-action approval in the artifacts.
Install only if you trust the DeepSeek TUI CLI and are comfortable sharing selected code context with DeepSeek. Use the headless `exec` mode for safer delegation, and use interactive `run` mode only in a clean, version-controlled workspace where autonomous file edits and shell commands are acceptable.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used in a sensitive repository or local environment, DeepSeek could modify files or run commands that affect the project or machine.
The skill explicitly delegates file mutation and shell execution to DeepSeek's interactive mode, and the provided artifacts do not define approval checks, command restrictions, sandboxing, or rollback.
`deepseek run` launches the full TUI with real tool-calling capabilities: ... `write_file` / `edit_file` — modify files ... `terminal` / `bash` — execute shell commands
Prefer `deepseek exec` for controlled delegation. If using `deepseek run`, run it only in a trusted, version-controlled, non-production workspace and review all changes and commands.
The behavior of the skill depends on the external DeepSeek TUI package that the user installs.
The install path is user-directed and purpose-aligned, but it relies on a globally installed third-party CLI without a pinned install spec in the skill artifacts.
Install:
- **Homebrew:** `brew install hmbown/tap/deepseek-tui`
- **npm:** `npm install -g deepseek-tui`
Verify the package source, version, and maintainer before installing; pin a known-good version where possible.
The CLI may use a DeepSeek account or API key, so prompts and usage may be associated with that account.
The scan signals indicate sensitive credentials are needed, which is expected for a DeepSeek API-backed CLI, but the registry metadata does not declare required credentials or environment variables.
requires-sensitive-credentials
Use least-privilege provider credentials, avoid pasting secrets into prompts, and understand how the DeepSeek CLI stores and uses credentials.
Private code snippets, filenames, errors, or other context included in prompts may be transmitted to the DeepSeek service.
The skill sends user-provided prompts and code context to an external provider API. This is expected for the integration, but users should treat it as sharing project data with DeepSeek.
`deepseek exec <PROMPT>` calls the DeepSeek API in pure text-in/text-out mode ... You must provide all file context in the prompt
Do not include secrets or confidential code unless you are comfortable sharing it with the provider and have checked the provider's data handling terms.
