ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Tmux

v1.0.1

Remote-control tmux sessions for interactive CLIs by sending keystrokes and scraping pane output.

0· 103·0 current·0 all-time
by@utromaya-code
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the actual behavior: the SKILL.md and included scripts only require tmux and provide commands and wrappers to list sessions, capture pane output, poll for text, and send keys. There are no unrelated binaries, network endpoints, or credentials requested.
Instruction Scope
Runtime instructions explicitly show using tmux commands to capture output and send keystrokes. The scripts and examples operate on tmux sessions/panes only and do not instruct reading arbitrary files, calling external network services, or exfiltrating data. They do, as intended, read pane output and send input to sessions the agent can access.
Install Mechanism
No install spec or external downloads — the skill is instruction-only with two small shell scripts. Nothing is written to disk by an installer and no remote code is fetched.
Credentials
The scripts read optional environment variables (OPENCLAW_TMUX_SOCKET_DIR and CLAWDBOT_TMUX_SOCKET_DIR) to locate socket directories but these are not declared in requires.env. While this is not malicious, it means behavior can change if such env vars are set (for example enabling scan of all sockets under a directory via --all). The skill requests no credentials. Be aware that tmux access inherently allows reading/writing any sessions accessible to the user running the agent.
Persistence & Privilege
Skill is not always-enabled and does not modify other skills or system configuration. It requires only a user-level tmux binary and does not request elevated or persistent privileges.
Assessment
This skill is coherent with its purpose: it uses tmux to list sessions, capture pane text, poll for patterns, and send keystrokes. Before installing, consider: (1) tmux access equals the ability to read and send input to any tmux sessions the agent process can access — avoid using this skill on machines where other users' sensitive sessions may be available. (2) The scripts honor OPENCLAW_TMUX_SOCKET_DIR / CLAWDBOT_TMUX_SOCKET_DIR if set; ensure those env vars aren’t pointed at a broad or multi-user socket directory unless you intend the skill to scan them. (3) There are no network calls or credential requests, and no installer downloads. If you need stricter guarantees, review the two shell scripts yourself and run the agent under a user account that has only the intended tmux sessions available.

Like a lobster shell, security has layers — review code before you run it.

latestvk9756wwcac3z93gmdvgbbcfztn83ce3j

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧵 Clawdis
OSmacOS · Linux
Binstmux

Comments