Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Remotego
v1.1.0
Expose any CLI tool as a public web terminal via tunnel. Mirror bash, vim, python, node, or any command in a browser for remote access and collaboration.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to expose any CLI via a public tunnel and requires Node (reasonable). However, the README explicitly references creating a tunnel via localhost.run and mentions SSH port 22, while the metadata lists only 'node' as a required binary and does not declare 'ssh' or network access as a dependency. This omission is a mismatch (likely the tool uses SSH for the tunnel).
Instruction Scope
SKILL.md directs running arbitrary commands (bash, vim, python, node, etc.) and publishing them to a public URL. That is exactly the stated purpose but intrinsically dangerous: any sensitive files or credentials visible via the terminal can be exposed. The security model described is vague (a session UUID in the URL and 'clients must authenticate within 5 seconds') with no detail on authentication, authorization, or session lifetime. The instructions do not require or describe verifying the remote client or restricting input; this lack of access-control detail is concerning.
Install Mechanism
There is no install spec in the skill bundle (instruction-only). SKILL.md recommends 'npm install -g @remotego/remotego' or using 'npx', which will download and run code from the npm registry at runtime. That is a normal distribution method but does carry typical risks (you pull third-party code on demand). There is no guidance to verify the package origin/signature or to inspect code before running.
Credentials
The skill declares no required environment variables or credentials, which is proportionate to a tunneling/terminal mirroring tool. However, it implicitly needs outbound network connectivity (and likely the ssh client) which is not called out. No unrelated credentials are requested.
Persistence & Privilege
always:false and user-invocable:true — no persistent or forced presence. The skill does not request elevated platform privileges in its metadata.
What to consider before installing
This tool will publish whatever command you run (including shells and editors) to a public URL — treat it like handing your machine's keyboard to a stranger. Before installing or running:
- Verify the npm package and GitHub repository (owner, stars, recent commits) and inspect the source if possible.
- Prefer installing and running inside an isolated environment (container, VM) — do not run as root or on production machines.
- Do not run commands that access secrets, private keys, or sensitive files while the tunnel is active.
- Confirm how authentication works (the SKILL.md's "5 second" requirement is vague); ensure strong access controls and short-lived sessions.
- Be aware the tool likely uses SSH/localhost.run and needs outbound SSH (port 22) — confirm your network/firewall policy.
- Avoid using 'npx' to run uninspected packages on high-privilege hosts; if you must, inspect the package contents first.
If these concerns are acceptable and you understand the risks, proceed cautiously; otherwise treat this skill as potentially unsafe for sensitive systems.
Like a lobster shell, security has layers — review code before you run it.
latestvk9777g1dh012q7b320gafk7y4183wk6t
Runtime requirements
🌐 Clawdis
OS: macOS · Linux
Bins: node
