ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

SSH Server

SSH remote connection and operation for servers (Linux/Unix cloud servers, etc.)

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 117 · 0 current installs · 0 all-time installs
by@xingfalin
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description (remote SSH management) match the commands and operations described (ssh, ssh-keygen, systemctl, docker, journalctl). However the SKILL.md repeatedly instructs use of a local Python helper (D:\openClaw\openclaw\config\ssh_config.py or python config/ssh_config.py) and a local config path (D:\openClaw\openclaw\config\servers.json) even though no code files for that helper are included in the skill and the registry metadata lists no required binaries. That dependency on a local, non-provided script is inconsistent with an instruction-only skill and could confuse users or hide where secrets are stored.
!
Instruction Scope
Instructions tell the user/agent to store encrypted passwords locally at a specific path and to run a non-included Python script to add/connect servers. The doc also recommends ssh -o StrictHostKeyChecking=no (disables host key verification), which weakens security and can enable MITM attacks. The skill claims passwords are 'encrypted and stored locally' but provides no details or code to verify encryption, key management, or where the encryption keys are kept. The agent is instructed to prompt the user to run local commands and to connect using stored credentials; these behaviors require trust in the missing local script.
Install Mechanism
No install spec and no code files — the skill is instruction-only, which minimizes direct installation risk. However, the instructions assume the existence of a local Python helper script that is not part of the package (a potential gap but not an installer risk).
Credentials
The skill requires no environment variables or external credentials in its registry metadata, which is consistent with an instruction-only SSH helper. However it asks users to store encrypted passwords locally in a specific file path and to run a local Python script to manage them; requiring storage of sensitive credentials is reasonable for an SSH helper but is disproportionate here because the skill does not provide or document the code that performs encryption, nor explain key management. That lack of transparency around secret handling is a red flag.
Persistence & Privilege
always is false (normal). The SKILL.md header includes requires: ["ssh"] and allowed-tools: Bash(ssh:*), implying the agent may be permitted to run ssh commands; the registry's top-level requirements list no required binaries, creating a small mismatch. Autonomous invocation is allowed by default — combined with the agent's ability to run ssh, this increases impact if the agent gets credentials or if the missing local helper is present on disk. This is not inherently malicious but worth noting before enabling autonomous runs.
What to consider before installing
Do not trust or run the Python helper commands until you inspect the code. The skill references a local script (D:\openClaw\openclaw\config\ssh_config.py and config/ssh_config.py) and a local storage file (servers.json) but does not include that script — verify what that script does, how it encrypts passwords, and where encryption keys are stored. Avoid using StrictHostKeyChecking=no (it disables host key verification and risks MITM). Prefer SSH keys over passwords. If you plan to let the agent run SSH commands, ensure you trust the skill owner and understand how credentials will be provided and protected; if you cannot inspect the helper script, treat this skill as untrusted and do not store secrets for it.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97chxygqhmxgq0m3xcx7150ps837369

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

SSH Server - Remote Server Management

Overview

Connect to and operate remote Linux/Unix servers via SSH.

Security Notes

⚠️ Important: Protect Sensitive Info

  • Never send passwords directly in chat
  • Passwords are encrypted and stored locally
  • Prefer SSH key authentication

Initial Setup

1. Install Dependencies

SSH client is usually pre-installed:

  • Windows: C:\Windows\System32\OpenSSH\ssh.exe (Win10/11自带)
  • Linux/Mac: Terminal built-in

2. Add Server Config

Method A: Interactive Add (Recommended)

Run this in your local terminal:

python D:\openClaw\openclaw\config\ssh_config.py add

Then enter:

  • Server name: e.g., vps, ubuntu, digitalocean
  • Server IP: xxx.xxx.xxx.xxx
  • Port: 22
  • Username: root, ubuntu, etc.
  • Password: (hidden during input, stored securely)

Method B: SSH Key Login (More Secure)

# 1. Generate local SSH key (if not exists)
ssh-keygen -t ed25519

# 2. Copy public key to server
ssh-copy-id user@your-server-ip

Connect to Server

Interactive Connect (Password)

Run in your terminal:

ssh -o StrictHostKeyChecking=no user@your-server-ip

Then enter password manually.

Connect Using Config Alias

Run in your terminal:

python D:\openClaw\openclaw\config\ssh_config.py connect <server-name>

System will prompt for password, then connect.

Server Operations

After connecting, you can execute:

System Status

# System overview
uptime

# Memory usage
free -h

# Disk usage
df -h

# CPU info
lscpu

# Full system info
uname -a && uptime && free -h && df -h

Users and Processes

# Online users
who

# Process list
ps aux

# Processes sorted by memory
ps aux --sort=-%mem

# Find specific process
ps aux | grep nginx

Network Status

# Network connections
ss -tuln

# Port usage
netstat -tuln

Service Management

# Check service status
systemctl status nginx

# Start service
sudo systemctl start nginx

# Stop service
sudo systemctl stop nginx

# Restart service
sudo systemctl restart nginx

Log Viewing

# System logs
sudo journalctl -xe

# Last 100 lines
sudo journalctl -n 100

# Specific service logs
sudo journalctl -u nginx

# Real-time log
tail -f /var/log/syslog

Docker Operations

# Running containers
docker ps

# All containers
docker ps -a

# Container logs
docker logs container_name

# Enter container
docker exec -it container_name bash

Config File

Server configs saved to D:\openClaw\openclaw\config\servers.json (passwords encrypted).

{
  "vps": {
    "host": "xxx.xxx.xxx.xxx",
    "port": 22,
    "username": "root",
    "key_file": null,
    "password_encrypted": "gAAAAAB..."
  }
}

Management Commands

# Add server
python config/ssh_config.py add

# List servers
python config/ssh_config.py list

# Connect to server
python config/ssh_config.py connect <name>

# Delete server
python config/ssh_config.py delete <name>

Usage Flow

  1. User tells AI: Want to connect to my VPS
  2. AI prompts user: Run python config/ssh_config.py add in terminal
  3. After user adds: AI can connect to server via config
  4. Connection methods:
    • Password: User runs ssh user@IP and enters password
    • Key: Direct connect after config

Security Principles

  • 🔐 Passwords not transmitted via chat
  • 🔑 Prefer SSH keys
  • 🛡️ Passwords encrypted locally
  • ⚠️ Confirm before dangerous operations

Files

4 total
Select a file
Select a file to preview.

Comments

Loading comments…