ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Src

v0.6.1

Bridge macOS-only tools into a Linux OpenClaw gateway via SSH wrappers and connected Mac nodes. Use when a Linux gateway needs to run imsg, remindctl, memo,...

0· 96·0 current·0 all-time
byMatthew Murphy@matthewxmurphy
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (macOS-to-Linux bridge) align with included scripts and instructions. The scripts only require SSH access to a Mac node and create wrapper scripts that invoke remote binaries; there are no unrelated env vars, downloads, or surprising dependencies.
Instruction Scope
SKILL.md is prescriptive and scoped to installing/verifying wrappers and publishing wrapper-aware skills. It explicitly requires passwordless SSH and instructs where wrappers are placed. Minor implementation notes: wrappers forward arguments to remote binaries and invoke ssh 'bash -lc' with a quoted command string — this is expected for the use case but means the remote shell interprets the constructed command, so correct quoting and least-privilege wrappers are important.
Install Mechanism
No remote install/downloads or package installs; the skill is instruction-first and includes local scripts only. Nothing in the scripts fetches or executes code from arbitrary URLs.
Credentials
The skill does not request additional credentials or config; it relies on standard SSH keys/known_hosts and optional env vars (OPENCLAW_BIN_DIR, XDG_DATA_HOME, HOME) for install paths. That is proportional to the described functionality. The skill explicitly advises best practices for SSH key scoping and not storing secrets in the skill folder.
Persistence & Privilege
always is false and the skill is user-invocable. Installation writes wrapper scripts to a user-visible bin directory (configurable) which is normal and limited in scope. The skill does not modify other skills or system-wide agent settings.
Assessment
This skill appears to do exactly what it says: create small SSH wrappers so a Linux gateway can call macOS binaries on trusted Mac nodes. Before installing, ensure you have passwordless SSH set up with a scoped key (prefer one key per gateway or per-node), pin known_hosts if possible, and install wrappers as a non-root user into an expected directory. Review the generated wrapper scripts (they exec ssh and pass args through to the remote binary) so you understand exactly what remote commands will run and to confirm no broad shell bridging is being created. Do not store private keys or OAuth tokens in the skill folder; revoke or rotate the dedicated SSH key if you remove the wrapper. If you need stricter isolation, test in a sandboxed account/machine first. Overall the design is coherent, but pay attention to SSH key management and quoting/argument handling in your environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97es23cc85d2srjg7fd07aa99839rgw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔌 Clawdis

Comments