ResmoteConsole
v1.0.0通过手机/浏览器远程访问主机上的 Claude Code 或其他 CLI 工具。使用此技能来启动、停止和管理远程开发环境。 **必须触发此技能的场景**: - 用户提到"远程控制台"、"远程终端"、"远程开发"、"ttyd"、"SSH 隧道" - 用户想用手机/平板访问电脑上的开发环境 - 用户提到"移动端编程"...
⭐ 0· 243·0 current·0 all-time
byHaibaraAi@haibaraaiaptx
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (remote console via ttyd + SSH) align with included scripts (start/stop/check/validate) and config.json. The commands list includes entries for running Claude/other CLIs which is expected. However config.json defines a 'claude-bypass' command containing '--dangerously-skip-permissions' (explicitly labeled high-risk) and scripts allow running arbitrary commands from config or CLI flags — which is consistent with a remote console but increases risk and should be explicitly acceptable to the user.
Instruction Scope
SKILL.md instructs all operations go through the provided Python scripts and forbids shell concatenation, but the scripts often invoke shells (bash -c / pwsh -Command) and construct command strings that will be interpreted by the shell. start_console can run commands coming from config.json or user-supplied --command/-c, which may lead to arbitrary command execution. Scripts read and modify local state: they read config.json, enumerate and kill processes, start background processes and SSH tunnels. They do not appear to exfiltrate data to external endpoints, but the scope includes altering processes and opening network-accessible consoles — appropriate for the purpose but sensitive in practice.
Install Mechanism
No install spec; this is an instruction+script skill. Only dependency is psutil (listed in requirements and SKILL.md recommends pip install psutil). No downloaded remote payloads or unusual installers were found.
Credentials
The skill requests no environment variables or credentials, and relies on user-supplied config.json for server, ssh_alias, and project paths. That is proportionate to the stated purpose. Users must provide SSH host/user/alias and ensure keys are configured; the skill will call system ssh and relies on system ttyd. Because commands can be arbitrary (including 'claude-bypass'), confirm the entries in config.json before use.
Persistence & Privilege
always:false (default) and no modifications to other skills or global agent settings were observed. The scripts create background processes (ttyd, ssh) which is expected behavior for a remote console but not platform-level persistence.
What to consider before installing
This skill implements a remote console by starting ttyd and an SSH reverse tunnel and is functionally coherent with that goal — but review and act on these points before installing:
- Inspect config.json and remove any dangerous pre-defined commands (e.g., 'claude-bypass' or any command with flags that disable safety checks).
- The Python scripts invoke shells (bash -c or pwsh -Command) and may execute command strings from the config or from user-supplied -c values. Only allow trusted commands in the config and avoid passing untrusted text into the --command/-c or --path arguments.
- The skill will create background processes and may kill existing 'ttyd' or 'ssh' processes; don't run on critical production machines unless you accept that behavior.
- Ensure SSH key-based auth is configured for the target and that the remote port exposure is controlled (firewall/GatewayPorts). Prefer using an SSH alias that you trust.
- Consider running these scripts inside an isolated environment (container or VM) and binding ttyd to localhost with secure tunnel endpoints or adding authentication, to reduce exposure.
Given the mismatch between the SKILL.md advice ("do not concatenate shell commands") and the scripts' use of shell invocation, treat the implementation as unpolished and audit the code and config before use. If you want me to, I can summarize exactly where arbitrary commands can be injected and propose concrete hardening changes (e.g., avoid shell -c and use argv lists, whitelist commands, or sandbox the console).Like a lobster shell, security has layers — review code before you run it.
latest
HaibaraAi@haibaraaiaptx
Download远程控制台 Skill
通过 ttyd + SSH 隧道,在手机浏览器中访问主机上的 Claude Code。
⚠️ 重要:优先使用 Python 脚本
所有操作必须通过 Python 脚本执行,禁止直接拼接 Shell 命令!
脚本目录:./scripts/(与 SKILL.md 同目录)
前置依赖
pip install psutil
快速命令
启动远程控制台
python ./scripts/start_console.py <项目名>
python ./scripts/start_console.py <项目名> -c <命令名>
python ./scripts/start_console.py --path /path/to/project
停止远程控制台
python ./scripts/stop_console.py
检查状态
python ./scripts/check_tunnel.py
python ./scripts/check_tunnel.py --json
验证配置
python ./scripts/validate_config.py
用户操作指南
1. 启动远程控制台
触发: "打开 {项目名} 的远程控制台"
执行:
python ./scripts/start_console.py {项目名}
返回格式:
✅ 远程控制台已启动
📁 项目:{项目名称}
🔗 访问地址:http://{host}:{port}
📂 工作目录:{project.path}
🚀 启动命令:{command}
2. 停止远程控制台
触发: "关闭远程控制台" / "停止远程终端"
执行:
python ./scripts/stop_console.py
3. 检查状态
触发: "远程控制台状态" / "检查隧道"
执行:
python ./scripts/check_tunnel.py
4. 验证配置
触发: "验证远程控制台配置"
执行:
python ./scripts/validate_config.py
5. 项目管理
查看所有项目:
python ./scripts/start_console.py
配置文件
配置文件:./config.json(与 SKILL.md 同目录)
{
"servers": {
"default": {
"name": "my-server",
"host": "your-server.com",
"port": 2222,
"user": "your-username",
"ssh_alias": "ssh-config-alias"
}
},
"ttyd": {
"port": 7681,
"path": "ttyd",
"options": "-W -t fontSize=16"
},
"defaults": {
"command": "claude",
"server": "default"
},
"commands": {
"claude": "claude",
"claude-bypass": "claude --dangerously-skip-permissions",
"codex": "codex"
},
"projects": {
"项目名": {
"path": "/path/to/project",
"command": "claude-bypass"
}
}
}
预定义命令
| 名称 | 实际命令 | 说明 |
|---|---|---|
| claude | claude | 标准 Claude Code |
| claude-bypass | claude --dangerously-skip-permissions | ⚠️ 跳过权限检查 |
| codex | codex | OpenAI Codex |
| cursor | cursor-agent | Cursor Agent |
⚠️ 安全警告
claude-bypass 命令风险
claude-bypass 使用 --dangerously-skip-permissions 标志,会跳过所有权限检查。
仅在以下情况使用:
- ✅ 完全信任的私有网络环境
- ✅ 个人非敏感项目
- ✅ 你了解并接受所有操作将自动执行
绝不使用于:
- ❌ 生产环境或敏感数据处理
- ❌ 公共或共享网络
- ❌ 不确定安全性的项目
故障排查
| 问题 | 解决方案 |
|---|---|
| 链接无法访问 | 运行 check_tunnel.py 检查隧道状态 |
| 配置错误 | 运行 validate_config.py 验证配置 |
| 端口被占用 | 运行 stop_console.py 先停止再启动 |
架构
手机浏览器 → 服务器:{port} → SSH 隧道 → 主机 ttyd → Shell + Claude Code
首次使用检查清单
- 安装依赖:
pip install psutil - 配置文件: 修改
config.json中的服务器信息 - SSH 密钥: 确保免密登录
ssh {ssh_alias} echo test - ttyd 安装: Windows
scoop install ttyd,Linuxsudo apt install ttyd - 服务器配置:
GatewayPorts yes和AllowTcpForwarding yes - 验证: 运行
python ./scripts/validate_config.py
Comments
Loading comments...