Terminal

v1.0.2

Local shell copilot for command planning, safe execution, preview-first workflows, output summarization, privacy-aware history controls, and step-by-step ter...

⭐ 2· 2.2k·32 current·32 all-time

by@agistack

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for agistack/terminal.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Terminal" (agistack/terminal) from ClawHub.
Skill page: https://clawhub.ai/agistack/terminal
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install terminal

ClawHub CLI

Package manager switcher

npx clawhub@latest install terminal

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

ℹ

Purpose & Capability

Name/description (local shell copilot) aligns with the included scripts (planning, preview, execute, summarize, history). Minor inconsistency: SKILL.md lists Python 3 as a runtime requirement but the registry metadata lists no required binaries; practically the code requires python3 to run.

ℹ

Instruction Scope

SKILL.md and the scripts remain within the terminal copilot scope: they plan commands, preview, enforce confirmation for high-risk patterns, execute via subprocess, redact sensitive-looking tokens, and store local history. Important behavioral detail: run_command uses subprocess.run(..., shell=True) so it will execute arbitrary shell code exactly as provided — this is expected for a terminal tool but means any command (including network operations or destructive commands once confirmed) will run on the user's machine. The safety checks flag many high-risk tokens/commands and require --yes, but a user who supplies --yes or an agent invoking it autonomously could still run them.

✓

Install Mechanism

No install step; code is instruction/file-based and runs under user's Python environment. No remote downloads or external package installation are present.

ℹ

Credentials

The skill requests no environment variables or external credentials. It stores history locally at ~/.openclaw/workspace/memory/terminal/history.json and attempts to set file permissions to 0600. It includes redaction regexes for common token formats, but redaction is heuristic and may not catch all secrets; by default stdout/stderr are stored unless --no-store-output is used.

✓

Persistence & Privilege

always is false and the skill does not request system-wide privileges or modify other skills. It persists only to a per-user path under the home directory and attempts to secure that file's permissions.

Assessment

This skill appears to do what it claims (a local shell copilot). Before installing or invoking it: (1) ensure you have python3 available locally; (2) understand that commands are executed with shell=True — any command you run (or an agent running the skill on your behalf) can perform network actions or destructive changes if confirmed; (3) prefer --preview to inspect commands first and require explicit confirmation for risky operations; (4) use --no-store-output and --redact-display for sensitive runs because redaction is heuristic and may miss secrets; (5) review the history file (~/.openclaw/workspace/memory/terminal/history.json) policy if you handle sensitive data. If you need stricter guarantees, avoid granting autonomous agents permission to run commands without human review.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dxcmnay41av4pddw2he3trh8331ek

2.2kdownloads

2stars

3versions

Updated 1mo ago

v1.0.2

MIT-0

Terminal

Local shell copilot. Plan clearly, run carefully.

Core Philosophy

Translate intent into executable shell steps.
Prefer preview and inspection before mutation.
Require explicit confirmation for destructive operations.
Summarize results in human language after execution.
Offer privacy-aware history controls for sensitive workflows.

Runtime Requirements

Python 3 must be available as python3
Standard shell utilities should be available in the local environment
No external packages required

Safety Model

Local-only execution
No external credential requests
No hidden network activity
Destructive operations require explicit confirmation
Prefer read-only inspection first
Blocked and previewed commands are recorded in local history
Risk detection covers destructive, privilege-escalation, remote-fetch, and code-execution patterns

Privacy Controls

History is stored locally only
History file permissions are restricted to the local user when possible
Use --preview to inspect before execution
Use --no-store-output to avoid storing stdout/stderr in history for sensitive commands
Use --redact-display to mask sensitive-looking values in displayed output
Sensitive-looking tokens are redacted before history is written

Storage

All local data is stored only under:

~/.openclaw/workspace/memory/terminal/history.json

No cloud sync. No third-party APIs. No telemetry.

Workflows

Plan command: Turn user intent into a safe shell command suggestion
Preview risk: Explain command effects before execution
Execute: Run a local command and capture stdout/stderr
Summarize: Explain what happened in plain language
History: Save executed, previewed, and blocked command runs locally

Scripts

Script	Purpose
`init_storage.py`	Initialize local terminal history storage
`plan_command.py`	Generate a shell command from user intent
`run_command.py`	Execute or preview a local command with safety checks and privacy controls
`summarize_result.py`	Summarize command output in plain language
`show_history.py`	Show recent command history

Comments

Loading comments...