ClawHub

SSH Tunnel

v1.0.0

SSH tunneling, port forwarding, and remote access patterns. Use when setting up local/remote/dynamic port forwards, configuring jump hosts, managing SSH keys, multiplexing connections, transferring files with scp/rsync, or debugging SSH connection issues.

7· 3.9k·19 current·22 all-time
by@gitgoodordietrying
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (SSH tunneling, port forwarding, jump hosts, key management) align with required binaries (ssh) and the SKILL.md content. There are no unrelated credentials, binaries, or install steps.
Instruction Scope
The SKILL.md tells the agent how to read/write ~/.ssh/config, create socket dirs, run ssh-agent and ssh-add, generate keys (including examples without passphrases), change file permissions, and run ssh/scp/rsync commands. These actions are expected for an SSH helper, but they touch sensitive key and config files and include advice (e.g., StrictHostKeyChecking no, generating keys without passphrases, agent forwarding) that weakens security; review before execution.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. It relies only on an existing ssh binary.
Credentials
No environment variables or external credentials are requested. The SKILL.md uses standard SSH-related environment behaviors (starting ssh-agent which sets SSH_AUTH_SOCK, etc.), which is proportional to the stated purpose.
Persistence & Privilege
always:false (good). The skill is user-invocable and can be invoked autonomously by the agent (platform default). If invoked, the instructions can modify user SSH keys/config and run networked SSH commands — consider restricting autonomous use or requiring explicit user confirmation.
Assessment
This guide is coherent for SSH tunneling, but it contains commands that modify ~/.ssh and examples that reduce security (e.g., disabling host key checking, creating keys without passphrases, enabling agent forwarding). Before installing or letting an agent execute it autonomously: (1) backup ~/.ssh and ~/.ssh/config; (2) review each command the agent will run; (3) avoid using examples that set StrictHostKeyChecking no or create unencrypted private keys unless you understand the risk; (4) prefer manual execution for sensitive actions (key generation, adding authorized_keys); and (5) if you worry about an agent making changes, disable autonomous invocation or require explicit confirmation.

Like a lobster shell, security has layers — review code before you run it.

latestvk970s23p7mn60vcwpp98wnemxs80e1c1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔑 Clawdis
OSLinux · macOS · Windows
Binsssh

Comments