Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
vscode-tunnel
v1.0.0
Start VS Code Remote Tunnel in Docker containers for remote terminal access
by @listky
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the provided script and SKILL.md. The script only implements start/stop/status/log for VS Code Remote Tunnel and requires curl/tar/grep as documented — these are appropriate for downloading and running the VS Code CLI.
Instruction Scope
SKILL.md instructs the agent to run tunnel.sh commands only. The script only reads/creates files under the configured CLI_DIR, checks for dependencies, downloads/extracts the CLI, and tails its own log; it does not access unrelated system paths or undeclared environment variables.
Install Mechanism
There is no package install spec; the script itself downloads a tarball from code.visualstudio.com and extracts it into ~/.vscode-cli. Downloading and extracting remote binaries is normal for this task but carries the usual network/code-execution risk (the URL appears to be the official Microsoft VS Code download endpoint).
Credentials
The skill does not request secrets or unrelated environment variables. The script respects VSCODE_TUNNEL_NAME and VSCODE_CLI_DIR as documented and does not require other credentials. Authorization for the tunnel is performed interactively via the VS Code flow (Microsoft account), which the SKILL.md notes.
Persistence & Privilege
always is false and the skill does not attempt to modify other skills or global agent settings. It writes files only under the CLI_DIR it creates and places a PID/log file there; this is expected for a long-running helper.
Assessment
This skill appears to do what it claims: it downloads the VS Code CLI from Microsoft's servers into ~/.vscode-cli and runs it to create a remote tunnel. Before installing, consider:
1) the script will execute a downloaded binary — only use it if you trust the source or prefer to preinstall/verify the CLI yourself;
2) creating a VS Code remote tunnel grants remote access to the container once you authorize via your Microsoft account — ensure you want that exposure and run it in a controlled environment;
3) logs and PID files are stored under the CLI_DIR (default ~/.vscode-cli) and may contain messages related to authorization — inspect them if you're concerned about sensitive data;
4) the script uses pgrep to find 'code tunnel' processes which may occasionally match unrelated processes, so status/stop behavior can be imperfect.
If you want stronger assurance, review the downloaded CLI binary/checksums manually or run the skill in an isolated container.
Like a lobster shell, security has layers — review code before you run it.
latestvk972s2a5jzr50epaxa8yebmy1n81jr9q
