myskill
WarnAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill openly enables broad command execution, including host/node targeting, elevated mode, approval bypass options, and background runs, so it should be reviewed carefully before use.
Install this only if you deliberately want the agent to have a general command-execution interface. Keep sandboxing on, require approvals, avoid elevated mode and `ask=off`, and review every command before allowing it to run on your gateway or paired nodes.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could run broad shell commands on the sandbox, local gateway, or paired node, potentially changing files, system state, or remote node state.
The skill exposes arbitrary command execution with selectable execution host, security enforcement level, and approval behavior, but the artifact does not narrow this to a specific safe workflow.
- `command` (required) ... - `host` (`sandbox | gateway | node`) ... - `security` (`deny | allowlist | full`) ... - `ask` (`off | on-miss | always`)
Only use this if you intentionally want a general-purpose exec capability. Prefer sandboxed execution, keep approvals enabled, and avoid `security=full` or `ask=off` unless you fully trust the task.
If approved or configured permissively, commands may run with higher privileges than normal, increasing the chance of system-wide changes or damage.
The skill can request elevated execution on the gateway host, which crosses a significant privilege boundary and is not tied to a narrowly defined task.
- `elevated` (bool): request elevated mode (gateway host); `security=full` is only forced when elevated resolves to `full`
Do not enable elevated mode by default. Require explicit per-command approval and verify exactly what command will run before allowing elevated execution.
Commands may affect the real host environment rather than an isolated sandbox if the user enables gateway execution or has sandboxing disabled.
The artifact acknowledges that sandboxing may be disabled, and host execution is available via gateway mode. This makes command execution materially higher impact than a contained sandbox-only skill.
Important: sandboxing is **off by default**. If sandboxing is off and `host=sandbox` is explicitly configured/requested, exec now fails closed instead of silently running on the gateway host. Enable sandboxing or use `host=gateway` with approvals.
Enable sandboxing before use and verify host selection. Treat gateway or node execution as sensitive and require explicit confirmation.
Long-running commands could keep operating in the background for up to the configured timeout.
The skill supports background command execution. It is disclosed and has a timeout, but background execution can continue after the user stops watching the immediate interaction.
- `yieldMs` (default 10000): auto-background after delay - `background` (bool): background immediately - `timeout` (seconds, default 1800): kill on expiry
Keep timeouts short, avoid background mode for sensitive commands, and monitor or stop background sessions you no longer need.