ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

claude-code-bridge

v1.0.0

Bridges OpenClaw (QQ, Telegram, WeChat, and other messaging channels) to a persistent Claude Code CLI session running in a background tmux process. Enables s...

0· 253·2 current·2 all-time
byLinghaoz@zlhad
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description describe a tmux-based bridge to a local 'claude' CLI; the included script implements tmux session creation, send/approve/status/stop/restart/peek/history etc. There are no unrelated environment variables or external services requested. This set of requirements is coherent for the stated purpose.
Instruction Scope
SKILL.md and the script instruct the agent to forward every message to a local claude CLI running in tmux and to manage workdirs (including user-specified paths) and sandbox temp dirs. This is expected, but it means any forwarded chat message can cause the local Claude CLI to run actions (including invoking shell-mode or initiating file reads/writes via CC). The instructions do not attempt to read other unrelated system state beyond the skill's own state files in ~/.openclaw/claude-code-bridge.
Install Mechanism
No install spec or external downloads; this is an instruction-only skill with one shell script and docs. Nothing is fetched from arbitrary URLs and no archives are extracted.
Credentials
The skill requires no credentials or special env vars. It uses standard local paths (HOME, ~/.openclaw/*) and an optional CLAUDE_BIN override; these are proportional to running a local CLI bridge.
Persistence & Privilege
always is false and autonomous invocation is allowed by default (normal). The skill stores state under ~/.openclaw/claude-code-bridge and creates tmux sessions — appropriate for its function and not modifying other skills or system-wide configs.
Assessment
This skill is internally coherent, but it forwards chat text directly into a local interactive Claude CLI — which can execute commands, read/write files, and output file contents. Before installing: 1) Only enable/activate it for trusted chat channels (untrusted group chats could be used to run commands). 2) Prefer '沙盒' (sandbox) mode when experimenting; sandbox directories are created in /tmp and cleaned on stop. 3) Review the script (scripts/claude-code-bridge.sh) locally to confirm behavior and the default CLAUDE_BIN path, and consider running it in a restricted test account. 4) Be aware it writes logs and state to ~/.openclaw/claude-code-bridge and creates tmux sessions named ccb_<id>. 5) Note source/homepage unknown — if provenance is important, request the upstream repository or author and verify updates before trusting long-term.

Like a lobster shell, security has layers — review code before you run it.

latestvk972hwy0rf4t5swjakravss5t982qd26

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments