ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

netmiko ssh

v1.0.0

Provides access to the MCP_Server_Trigger (v0.1.0) MCP server. It offers 7 tool(s): {"close_ssh_session":"\nFecha uma sessão SSH ativa.\n\nArgs:\n session_id...

0· 357·0 current·0 all-time
by@is-the-king
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill exposes tools to create SSH sessions and run commands on remote devices, which aligns with the 'ssh' purpose. However the package metadata/source/homepage are missing and the name ('netmiko ssh') vs. server name ('MCP_Server_Trigger' / 'restssh') is inconsistent. The SKILL.md depends on an external CLI (mcp2skill) which is reasonable for an adapter but the origin of the MCP server and its operator are not disclosed.
!
Instruction Scope
Runtime instructions direct the agent to call a remote MCP server to run arbitrary SSH commands using user-supplied host/username/password. The SKILL.md also mentions a database-backed session/command history — meaning credentials or commands might be logged/persisted remotely. The document does not disclose the server endpoint, data handling, or retention policy, so use could result in sensitive data being transmitted and stored offsite without clear consent.
Install Mechanism
There is no install spec (instruction-only), which minimizes local code execution risk. The README recommends installing 'mcp2skill' from a GitHub repo; that is an external dependency the user would need to vet separately. No automated downloads/installers are embedded in the skill itself.
!
Credentials
The skill declares no required environment variables or credentials at install time, but its runtime API requires SSH credentials (username/password) be provided as call arguments. Because the server records session and command history, accepting credentials at runtime could lead to durable storage or forwarding of secrets. There is no explanation why credentials would be retained or how they are protected.
Persistence & Privilege
The skill does not request persistent platform privileges (always:false) and has no install operations. It does not declare any capability to modify other skills or global agent configuration.
What to consider before installing
This skill connects to a remote MCP server that will execute SSH commands you provide and keeps session/command history. Before installing or using it: 1) Ask who operates the MCP_Server_Trigger (where the server runs) and request the server's endpoint and privacy/security policy (is data logged, for how long, is traffic encrypted?). 2) Vet the recommended dependency (https://github.com/fenwei-dev/mcp2skill) — review its code and releases rather than blindly installing. 3) Avoid sending high-privilege credentials until you confirm that credentials are not persisted or are properly protected; prefer ephemeral keys or limited-scope accounts. 4) If possible, run the MCP server under your control (on-premises) or use a vetted connector to avoid exposing sensitive device credentials to unknown third parties. 5) The skill metadata lacks a homepage/source — treat it as unverified and ask the publisher for provenance and security documentation before granting access or supplying secrets.

Like a lobster shell, security has layers — review code before you run it.

latestvk9752dbd12jfb0k9hc1b65qtjd81vdzb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

restssh

This skill provides access to the MCP_Server_Trigger MCP server.

MCP Server Info

  • Server Name: MCP_Server_Trigger
  • Server Version: 0.1.0
  • Protocol Version: 2025-06-18
  • Capabilities: tools

Available Tools

This skill provides the following tools:

  • health_check: Verifica a saúde do serviço API REST SSH. Retorna o status atual do serviço.
  • create_ssh_session: Cria uma nova sessão SSH explicitamente. Args: host: Endereço IP ou hostname do dispositivo. username: Usuário SSH. password: Senha SSH. session_id: Identificador único para a nova sessão. device_type: Tipo de dispositivo (ex: cisco_ios, linux). Default: cisco_ios. port: Porta SSH. Default: 22.
  • execute_ssh_command: Executa um comando SSH em um dispositivo remoto. Args: command: O comando a ser executado. session_id: ID único da sessão (se não existir, será criada com as credenciais fornecidas). host: Endereço IP ou hostname do dispositivo (obrigatório para nova sessão). username: Usuário SSH (obrigatório para nova sessão). password: Senha SSH (obrigatório para nova sessão). device_type: Tipo de dispositivo (ex: cisco_ios, linux, juniper_junos). Default: cisco_ios. port: Porta SSH. Default: 22. timeout: Timeout opcional para o comando.
  • list_active_sessions: Lista todas as sessões SSH ativas em memória.
  • list_history_sessions: Lista o histórico de todas as sessões registradas no banco de dados. Inclui sessões ativas e encerradas.
  • list_history_commands: Lista o histórico de comandos executados em uma sessão específica. Args: session_id: O ID da sessão para consultar o histórico.
  • close_ssh_session: Fecha uma sessão SSH ativa. Args: session_id: O ID da sessão a ser fechada.

Usage

This skill is automatically invoked when tools from this MCP server are required.

This skill requires mcp2skill to be installed globally (if not installed, you can install it from https://github.com/fenwei-dev/mcp2skill). Use mcp2skill --help to see available commands. Use mcp2skill list-tools --server restssh to list tools. Use mcp2skill call-tool --server restssh --tool <name> --args '<json>' to call a tool. Use mcp2skill update-skill --skill <skill-dir> to check for and apply updates to this skill (where <skill-dir> is the path to this skill's directory). (Note: DO NOT use the generate-skill sub-command. It's not supposed to be used under a skill.)

For detailed documentation on each tool's parameters and usage, see TOOLS.md.

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…