remote-ssh-bridge
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: remote-ssh-bridge Version: 0.1.3 This skill bundle provides basic SSH command templates for interacting with a remote host, as explicitly stated in its purpose. The scripts (`check-sapconet.sh`, `msg-sapconet.sh`) contain clear `TODO` placeholders, requiring the user to configure the `REMOTE_TARGET` and replace placeholder commands. While the direct interpolation of the `MESSAGE` variable in `msg-sapconet.sh` could be a shell injection vulnerability if the `TODO` were replaced with an executing command without proper sanitization, in its current form, the message is safely enclosed within single quotes inside an `echo` command on the remote host. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the AI agent in the `SKILL.md`.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the script executes a command on the configured remote host; unsafe message text could cause unintended remote shell behavior.
The script sends user-provided message text inside a remote shell command over SSH. This is aligned with the SSH bridge purpose, but untrusted text containing shell quotes could change the remote command.
MESSAGE="$1"
...
ssh "${REMOTE_TARGET}" "echo 'TODO: send inbox message: ${MESSAGE}'"Set REMOTE_TARGET explicitly, review the remote command before use, and when replacing the placeholder, pass message content via a safer quoting method or stdin rather than raw shell interpolation.
The skill can act on the remote machine with whatever access your SSH account has.
The skill relies on the user's SSH access to a configured remote host. No credentials are embedded, but commands will run with the permissions of that SSH account.
export REMOTE_TARGET="user@<your-remote-host>" ... Any remote commands require you to configure your own SSH target.
Use a least-privileged SSH account or key, confirm the target host before running, and avoid using production or high-privilege credentials unless intended.