Skip to main content

ssh-tunnel

Facilitates secure remote access and port forwarding using SSH tunneling for efficient network management and debugging.

Install this skill

or
0/100

Security score

The ssh-tunnel skill was audited on Feb 9, 2026 and we found 56 security issues across 3 threat categories, including 2 critical. Review the findings below before installing.

Categories Tested

AI Security Analysis

SUSPICIOUS70% confidenceFlag For Review

An AI model reviewed this skill's content and provided the following security assessment:

The skill contains several patterns that could potentially lead to data exfiltration and unauthorized file access, particularly related to SSH configurations and commands. While these commands are common in SSH usage, their presence without clear context or safeguards raises concerns about misuse. The curl commands to non-GitHub URLs and access to sensitive SSH files could be misused if the skill is executed in an untrusted environment.

gemini-2.0-flashFeb 11, 2026Adjusted score: 75/100

Security Issues

medium line 52

Curl to non-GitHub URL

SourceSKILL.md
52# On the remote: curl http://localhost:8080 → hits your local :3000
medium line 71

Curl to non-GitHub URL

SourceSKILL.md
71# Use with curl
low line 103

Access to hidden dotfiles in home directory

SourceSKILL.md
103# ~/.ssh/config
low line 109

Access to hidden dotfiles in home directory

SourceSKILL.md
109IdentityFile ~/.ssh/bastion_key
low line 132

Access to hidden dotfiles in home directory

SourceSKILL.md
132# ~/.ssh/config
low line 145

Access to hidden dotfiles in home directory

SourceSKILL.md
145IdentityFile ~/.ssh/prod_ed25519
low line 151

Access to hidden dotfiles in home directory

SourceSKILL.md
151IdentityFile ~/.ssh/staging_ed25519
low line 156

Access to hidden dotfiles in home directory

SourceSKILL.md
156IdentityFile ~/.ssh/dev_key
low line 164

Access to hidden dotfiles in home directory

SourceSKILL.md
164# ~/.ssh/config
low line 167

Access to hidden dotfiles in home directory

SourceSKILL.md
167ControlPath ~/.ssh/sockets/%r@%h-%p
low line 176

Access to hidden dotfiles in home directory

SourceSKILL.md
176mkdir -p ~/.ssh/sockets
low line 190

Access to hidden dotfiles in home directory

SourceSKILL.md
190ssh-keygen -t ed25519 -C "user@machine" -f ~/.ssh/mykey_ed25519
low line 193

Access to hidden dotfiles in home directory

SourceSKILL.md
193ssh-keygen -t rsa -b 4096 -C "user@machine" -f ~/.ssh/mykey_rsa
low line 196

Access to hidden dotfiles in home directory

SourceSKILL.md
196ssh-keygen -t ed25519 -N "" -f ~/.ssh/deploy_key
low line 203

Access to hidden dotfiles in home directory

SourceSKILL.md
203ssh-copy-id -i ~/.ssh/mykey_ed25519.pub user@remote-server
low line 206

Access to hidden dotfiles in home directory

SourceSKILL.md
206cat ~/.ssh/mykey_ed25519.pub | ssh user@remote-server "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"
low line 216

Access to hidden dotfiles in home directory

SourceSKILL.md
216ssh-add ~/.ssh/mykey_ed25519
low line 219

Access to hidden dotfiles in home directory

SourceSKILL.md
219ssh-add -t 3600 ~/.ssh/mykey_ed25519
low line 237

Access to hidden dotfiles in home directory

SourceSKILL.md
237chmod 700 ~/.ssh
low line 238

Access to hidden dotfiles in home directory

SourceSKILL.md
238chmod 600 ~/.ssh/id_ed25519 # Private key
low line 239

Access to hidden dotfiles in home directory

SourceSKILL.md
239chmod 644 ~/.ssh/id_ed25519.pub # Public key
low line 240

Access to hidden dotfiles in home directory

SourceSKILL.md
240chmod 600 ~/.ssh/config
low line 241

Access to hidden dotfiles in home directory

SourceSKILL.md
241chmod 600 ~/.ssh/authorized_keys
low line 262

Access to hidden dotfiles in home directory

SourceSKILL.md
262scp -i ~/.ssh/mykey -P 2222 file.txt user@remote:/path/
low line 281

Access to hidden dotfiles in home directory

SourceSKILL.md
281rsync -avz -e "ssh -i ~/.ssh/deploy_key -p 2222" ./dist/ user@remote:/var/www/
low line 332

Access to hidden dotfiles in home directory

SourceSKILL.md
332ssh -o IdentitiesOnly=yes -i ~/.ssh/specific_key user@remote
low line 344

Access to hidden dotfiles in home directory

SourceSKILL.md
344# Common: wrong permissions on ~/.ssh or authorized_keys
medium line 361

Access to hidden dotfiles in home directory

SourceSKILL.md
361- Use `~/.ssh/config` for everything. Named hosts with stored settings are faster and less error-prone than typing long commands.
medium line 367

Access to hidden dotfiles in home directory

SourceSKILL.md
367- Keep your `~/.ssh/config` organized with comments. Future-you will appreciate it.
high line 103

Access to SSH directory

SourceSKILL.md
103# ~/.ssh/config
high line 109

Access to SSH directory

SourceSKILL.md
109IdentityFile ~/.ssh/bastion_key
high line 132

Access to SSH directory

SourceSKILL.md
132# ~/.ssh/config
high line 145

Access to SSH directory

SourceSKILL.md
145IdentityFile ~/.ssh/prod_ed25519
high line 151

Access to SSH directory

SourceSKILL.md
151IdentityFile ~/.ssh/staging_ed25519
high line 156

Access to SSH directory

SourceSKILL.md
156IdentityFile ~/.ssh/dev_key
high line 164

Access to SSH directory

SourceSKILL.md
164# ~/.ssh/config
high line 167

Access to SSH directory

SourceSKILL.md
167ControlPath ~/.ssh/sockets/%r@%h-%p
high line 176

Access to SSH directory

SourceSKILL.md
176mkdir -p ~/.ssh/sockets
high line 190

Access to SSH directory

SourceSKILL.md
190ssh-keygen -t ed25519 -C "user@machine" -f ~/.ssh/mykey_ed25519
high line 193

Access to SSH directory

SourceSKILL.md
193ssh-keygen -t rsa -b 4096 -C "user@machine" -f ~/.ssh/mykey_rsa
high line 196

Access to SSH directory

SourceSKILL.md
196ssh-keygen -t ed25519 -N "" -f ~/.ssh/deploy_key
high line 203

Access to SSH directory

SourceSKILL.md
203ssh-copy-id -i ~/.ssh/mykey_ed25519.pub user@remote-server
high line 206

Access to SSH directory

SourceSKILL.md
206cat ~/.ssh/mykey_ed25519.pub | ssh user@remote-server "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"
high line 216

Access to SSH directory

SourceSKILL.md
216ssh-add ~/.ssh/mykey_ed25519
high line 219

Access to SSH directory

SourceSKILL.md
219ssh-add -t 3600 ~/.ssh/mykey_ed25519
high line 238

Access to SSH directory

SourceSKILL.md
238chmod 600 ~/.ssh/id_ed25519 # Private key
high line 239

Access to SSH directory

SourceSKILL.md
239chmod 644 ~/.ssh/id_ed25519.pub # Public key
high line 240

Access to SSH directory

SourceSKILL.md
240chmod 600 ~/.ssh/config
high line 241

Access to SSH directory

SourceSKILL.md
241chmod 600 ~/.ssh/authorized_keys
high line 262

Access to SSH directory

SourceSKILL.md
262scp -i ~/.ssh/mykey -P 2222 file.txt user@remote:/path/
high line 281

Access to SSH directory

SourceSKILL.md
281rsync -avz -e "ssh -i ~/.ssh/deploy_key -p 2222" ./dist/ user@remote:/var/www/
high line 332

Access to SSH directory

SourceSKILL.md
332ssh -o IdentitiesOnly=yes -i ~/.ssh/specific_key user@remote
critical line 361

Access to SSH directory

SourceSKILL.md
361- Use `~/.ssh/config` for everything. Named hosts with stored settings are faster and less error-prone than typing long commands.
critical line 367

Access to SSH directory

SourceSKILL.md
367- Keep your `~/.ssh/config` organized with comments. Future-you will appreciate it.
low line 52

External URL reference

SourceSKILL.md
52# On the remote: curl http://localhost:8080 → hits your local :3000
low line 72

External URL reference

SourceSKILL.md
72curl --socks5-hostname localhost:1080 https://example.com
Scanned on Feb 9, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2.2K
Rate this skill
Categorydevelopment
UpdatedApril 10, 2026
openclawbackenddevopsdevops-srebackend-developerdata-engineerdevelopment
openclaw/skills