ssh-remote-control
github.com/clawhub.ai/ssh-remote-control
Scanned Thu, 28 May 2026 17:05:38 GMT
Scan ID crawl-ywgs9t8rg1enf58xrx7huamd · 3ms
C
SCORE 55 / 100
Verdict: Proceed with caution

6 high-severity findings.

This skill reads protected filesystem locations plus 6 other issues listed below.

0 critical · 6 high · 1 medium · 5 rules passed

Why grade C?

score · 55 / 100

The current grade reflects 6 high-severity findings (3+ HIGHs → C).

0 CRIT · 6 HIGH · 1 MED · 0 LOW
To reach a higher grade
  • B
    Reach B · target score 75

    Resolve 4 of 6 HIGH (cap is 2).

  • A
    Reach A · target score 95

    Resolve all 6 HIGH.

Thresholds are documented at /docs/grading. Source-of-truth is the grade() function in @skillox/scanner.

Findings · ordered by severity

high
Sensitive filesystem path referenced
The skill references a path (`~\/\.ssh\/`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 154 · CWE-552
152 3. **Add the public key to the remote computer**
153 ```bash
154 echo "公钥内容" >> ~/.ssh/authorized_keys   [sensitive path — credential-exfiltration vector]
155 chmod 700 ~/.ssh
156 chmod 600 ~/.ssh/authorized_keys
high
Sensitive filesystem path referenced
The skill references a path (`~\/\.ssh\/`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 156 · CWE-552
154 echo "公钥内容" >> ~/.ssh/authorized_keys
155 chmod 700 ~/.ssh
156 chmod 600 ~/.ssh/authorized_keys   [sensitive path — credential-exfiltration vector]
157 ```
158
high
Sensitive filesystem path referenced
The skill references a path (`~\/\.ssh\/`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 233 · CWE-552
231
232 ### 3. Command restrictions
233 - The commands that may be executed can be restricted in `~/.ssh/authorized_keys` on the remote computer   [sensitive path — credential-exfiltration vector]
234 - Example:
235 ```
high
Sensitive filesystem path referenced
The skill references a path (`~\/\.ssh\/`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 252 · CWE-552
250 - Use `permitopen=` to restrict port forwarding
251
252 Example (`~/.ssh/authorized_keys`):   [sensitive path — credential-exfiltration vector]
253 ```
254 from="你的服务器IP",no-pty,command="/bin/false",ssh-ed25519 AAAA...
high
Sensitive filesystem path referenced
The skill references a path (`~\/\.ssh\/`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
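rule: filesystem-overreach · line: 277 · CWE-552
275
276 ### Public key authentication fails
277 1. Confirm the public key has been added to `~/.ssh/authorized_keys`   [sensitive path — credential-exfiltration vector]
278 2. Confirm the file permissions are correct: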
279 ```bash
high
Sensitive filesystem path referenced
The skill references a path (`~\/\.ssh\/`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 281 · CWE-552
279 ```bash
280 chmod 700 ~/.ssh
281 chmod 600 ~/.ssh/authorized_keys   [sensitive path — credential-exfiltration vector]
282 ```
283
med
No capability manifest declared
The skill ships without a `manifest.yaml` or `capabilities` block in its frontmatter. Without a manifest, the runtime cannot enforce what this skill is permitted to do.
rule: no-manifest
skillox.io/r/crawl-ywgs9t8rg1enf58xrx7huamd