ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Workspace Explorer

Securely share your workspace with your owner via a remote VS Code environment. Use when (1) the owner requests to view or inspect your working files, (2) you need to give the owner live access to browse your codebase, (3) the owner wants to install extensions or use IDE features to explore files, or (4) you need a temporary secure tunnel for remote workspace inspection.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
4 · 1.9k · 7 current installs · 7 all-time installs
by@mrbeandev
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (share workspace via code-server + Cloudflare tunnel) match the instructions: clone the repo and run start_workspace.py which starts code-server and a Cloudflare tunnel. No unrelated credentials or unrelated binaries are requested.
!
Instruction Scope
The SKILL.md tells the agent to run a repo script that will serve an arbitrary filesystem path via code-server and expose a public URL/password. That behavior is exactly the feature, but it gives remote access to everything in the served directory (potentially secrets, tokens, keys). The instructions do not suggest limiting or sanitizing the workspace, nor do they instruct how to safely restrict access.
!
Install Mechanism
There is no install spec in the skill bundle; the runtime instructions tell the script to 'download binaries on first run' (code-server + cloudflared). Downloading and running binaries from the network at runtime has a high risk surface because those artifacts are not included or checksum-verified in the skill. The repo origin is given, but the agent would still fetch external executables.
Credentials
The skill requests no environment variables or credentials, which is appropriate. However, the action of exposing a directory can leak unrelated secrets (environment files, tokens, SSH keys) that live in the workspace — the skill doesn't provide guidance to avoid or scrub those before sharing.
Persistence & Privilege
always:false and no install spec — the skill is not forced into all sessions. The included HEARTBEAT.md describes periodic status checks when installed as a skill, which implies some ongoing agent activity (reminders) but not elevated platform privileges. Periodic checks increase the window in which a tunnel might be left open if not monitored.
What to consider before installing
This skill does what it says (creates a public browser VS Code to let someone inspect files), but that capability inherently lets a remote person see or edit anything in the served directory — including secrets. Before using: (1) inspect the GitHub repo yourself (start_workspace.py and any scripts it downloads) and prefer running it in an isolated environment (ephemeral VM or container); (2) only serve a directory that contains no credentials, tokens, SSH keys, or other sensitive files; (3) verify the sources and checksums of downloaded binaries (code-server, cloudflared) or install them from official package channels yourself instead of letting the script fetch them; (4) share the URL/password only over a trusted channel and terminate the session when done; (5) monitor logs/cloudflared.log and remove downloaded binaries when finished. If you cannot audit the remote script or binaries, treat this skill as risky and avoid running it on any machine containing sensitive data.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.1.5
Download zip
latestvk9780tm42ztg554wph1dyfjxb180fcvj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Workspace Explorer

Provide secure, temporary access to your workspace via code-server (VS Code in browser) tunneled through Cloudflare.

Repository: https://github.com/mrbeandev/workspace-explorer

Installation

git clone https://github.com/mrbeandev/workspace-explorer.git

Usage

Run the start script with the workspace path:

python3 {baseDir}/scripts/start_workspace.py /path/to/workspace

The script will:

  1. Download binaries on first run (code-server + cloudflared)
  2. Start code-server on localhost
  3. Create a Cloudflare tunnel
  4. Print the public URL and password directly to terminal (Note: Wait 15-30s for the URL to become active)

Example output:

============================================================
✅ WORKSPACE READY!
============================================================
🌐 URL:      https://random-words.trycloudflare.com
🔑 Password: xY7kL9mN2pQ4
============================================================

💡 Share the URL and password with your owner.
   Press Ctrl+C to terminate the session.

Options

python3 {baseDir}/scripts/start_workspace.py /path/to/workspace --port 9000
OptionDefaultDescription
workspace(required)Path to directory to serve
--port8080Local port for code-server
--status(flag)Check if workspace is running

Heartbeat Support

This project includes a HEARTBEAT.md file. When installed as an OpenClaw skill, the agent will periodically check if the tunnel is active and remind you if it's left running for too long.

Termination

Press Ctrl+C to stop the session. Both code-server and the tunnel will be terminated.

Security

  • Each session generates a unique cryptographically secure password
  • Tunnel URLs are temporary .trycloudflare.com domains
  • No ports need to be opened on firewall
  • Session ends when script is terminated

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…