Rssh2 - SSH远程自动化工具

The OpenClaw skill 'rssh2' is classified as suspicious due to its inherent capabilities for remote command execution, arbitrary file transfer, and network tunneling, all of which accept user-controlled inputs without internal sanitization. Specifically, `index.js` and `session-manager.js` directly pass commands to `ssh2.Client.exec`, posing a shell injection risk if the calling agent provides unsanitized input. The `sftp-manager.js` allows reading/writing to arbitrary local and remote file paths via `sftp.fastPut` and `sftp.fastGet`, creating path traversal vulnerabilities. Additionally, `tunnel-manager.js` can establish network tunnels to arbitrary hosts and ports. While these are core features of an SSH automation tool, their powerful nature and reliance on external input sanitization make the skill high-risk if misused, classifying it as suspicious rather than benign. There is no evidence of intentional malicious behavior, data exfiltration, or backdoors within the skill's code or instructions; in fact, `SKILL.md` provides good security advice.