Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ssh-lab
v0.1.0Manage and monitor remote GPU servers via SSH with GPU, disk, process status, alerts, log tailing, file sync, and health diagnostics.
⭐ 0· 223·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The code and SKILL.md match the stated purpose (remote GPU/disk/process probes, tailing, rsync, alerts). Minor metadata mismatches: registry metadata lists no required binaries/config paths, but the tool requires a native SSH client (and rsync for sync) and reads ~/.ssh/config and writes ~/.config/ssh-lab/config.json and ~/.ssh-lab/alerts.json — these runtime dependencies are expected for this purpose but should be declared.
Instruction Scope
Runtime instructions and code limit activity to SSH operations, local config files, and stdout/json output for agents. It executes arbitrary commands on remote hosts (by design) and may remove/clean its own ControlMaster socket files under /tmp; it does not contact external HTTP endpoints or attempt to exfiltrate secrets.
Install Mechanism
No install spec in the registry (instruction-only). Source includes TypeScript sources and a standard npm build (tsc). There are no downloaded third-party runtime packages; only devDependencies for building. Build/run is local and straightforward.
Credentials
The skill declares no required env vars or credentials, which is consistent with not demanding API keys. It does read process.env.HOME and optionally honors SSH_LAB_CONFIG to override config path (mentioned in README). The implicit credential access is via the user's SSH client and keys (read by the SSH binary), which is appropriate for an SSH workbench but worth noting: the tool will use whatever SSH auth (keys/agent/ProxyJump) the user has configured.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It writes its own config and alert files under the user's home (~/.config/ssh-lab, ~/.ssh-lab/alerts.json) and uses /tmp for ControlMaster sockets; these are normal for a CLI and limited to the user's account.
Assessment
This tool appears to do what it says: manage and probe remote servers over SSH. Before installing, check the following: (1) Ensure you have a native ssh client (and rsync if you plan to use sync); the package metadata didn't mark these as required even though the tool depends on them. (2) The CLI will read ~/.ssh/config and use your existing SSH keys/agent for authentication — it will not ask for new keys but will run commands on whatever hosts your SSH config (or the custom hosts you add) points to. (3) It will create/use local files: ~/.config/ssh-lab/config.json and ~/.ssh-lab/alerts.json and temporary ControlMaster sockets under /tmp; ensure you are comfortable with those paths. (4) There are small metadata mismatches (declared entrypoint/bin and missing required-binaries/config-paths) — consider reviewing the source or running the tool in a safe environment (local VM or container) first. If you need tighter auditing, review execSsh and any code that constructs shell commands to confirm proper escaping (the code includes shellEscape in multiple places).src/commands/sync.ts:77
Shell command execution detected (child_process).
src/ssh/config.ts:16
Shell command execution detected (child_process).
src/ssh/exec.ts:80
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk972rkmew3wysr97arprz50dzh82nsmc
License
MIT-0
Free to use, modify, and redistribute. No attribution required.