ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agi Term Helper

v1.0.1

Fast, explicit terminal execution via OpenClaw exec (direct dispatch; you type the exact command).

0· 658·2 current·3 all-time
by@liuwujijay
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description claim a raw terminal passthrough and the skill requests no credentials, binaries, or installs — exactly what you'd expect for a thin /term -> exec dispatcher.
Instruction Scope
SKILL.md explicitly forwards the user's raw argument string to the configured exec tool and contains safety guidance (avoid secrets, avoid `curl | sh`, prefer read-only commands). This is coherent for a direct-exec helper, but by design it permits arbitrary shell commands (including destructive or exfiltratory commands) when invoked by a user. The skill itself does not instruct reading unrelated files or exfiltrating data.
Install Mechanism
No install spec and no code files are present (instruction-only). Nothing is written to disk and no external artifacts are fetched — lowest-risk install posture.
Credentials
The skill requires no environment variables or credentials. The doc notes that sandboxed runtimes may not inherit env and explains how to inject them; that explanation is informative and proportional.
Persistence & Privilege
always is false and disable-model-invocation is true (the model cannot invoke this autonomously). The skill does not request persistent system privileges or modify other skills' config.
Assessment
This skill is a thin passthrough: when you run /term <command>, that exact command is sent to your exec tool and executed in whatever environment OpenClaw provides. That behavior is intentional and internally consistent, but it also means you must treat it like typing directly into a terminal: never paste commands you don't understand, avoid putting secrets on command lines, and never run remote-download-and-execute one-liners (e.g., curl | sh). Because disable-model-invocation is true, the model won't run commands by itself — only you can trigger them — which reduces accidental execution risk. If you want safer, model-assisted checks and confirmations, consider installing a model-invocable companion (the SKILL.md suggests a 'terminal-helper').

Like a lobster shell, security has layers — review code before you run it.

latestvk975y2b1vr7fex6gnvqbzr9a61817mf6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧰 Clawdis
OSmacOS · Linux · Windows

Comments