Ssh Exec
PassAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill transparently runs SSH commands, but it can affect any remote machine your SSH credentials can access.
Install only if you want the agent to run SSH commands on your behalf. Set the target explicitly, verify each command before execution, avoid piping sensitive local scripts unless intended, and use a least-privilege SSH key limited to the target host.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A command run through this skill could read, change, or delete data on the remote machine, depending on the SSH account’s permissions.
The skill instructs the agent to run remote shell commands and can pipe a local script to a remote host. This is the advertised purpose, but it is a high-impact capability if used on the wrong target or with unsafe commands.
ssh -p 8022 user@100.107.204.64 "uname -a" ... ssh -p 8022 user@100.107.204.64 'bash -s' < local-script.sh
Use it only for commands and hosts you explicitly intend; review the exact SSH target and command before execution, especially for scripts or destructive operations.
If your SSH key or agent has broad access, the agent could run commands on privileged remote systems when this skill is invoked.
The skill relies on the user’s existing SSH keys or agent session. This is normal for SSH access, but it means the agent may act with whatever remote permissions those credentials provide.
Requires SSH access to the target (key in `~/.ssh/` or `SSH_AUTH_SOCK`)
Prefer a dedicated, least-privilege SSH key for the intended Tailscale host, constrain SSH agent forwarding/use where possible, and confirm the target identity before running commands.
You have less context about who authored the SSH instructions, though the provided artifacts are short and reviewable.
The skill has limited provenance information. Because it is instruction-only and has no install script or code files, this is not by itself suspicious, but users cannot easily verify its origin.
Source: unknown; Homepage: none
Review the SKILL.md instructions yourself and install only if you are comfortable with an unknown-source skill that can run SSH commands.