Safety Report

SSH Tunnel

Name: SSH Tunnel
Rating: 5 (4 reviews)
Author: gitgoodordietrying

SSH tunneling, port forwarding, and remote access patterns. Use when setting up local/remote/dynamic port forwards, configuring jump hosts, managing SSH keys, multiplexing connections, transferring files with scp/rsync, or debugging SSH connection issues.

3,014Downloads

12Installs

4Stars

1Versions

File Management2,100 Networking & DNS1,102

Security Analysis

high confidence

Clean0.08 risk

The skill's instructions, requirements, and behavior match an SSH tunneling/port-forwarding help guide; nothing requested is disproportionate, but the runtime instructions can modify sensitive SSH files and include insecure recommendations that you should review before running.

Feb 11, 20261 files2 concerns

Purpose & Capabilityok

Name/description (SSH tunneling, port forwarding, jump hosts, key management) align with required binaries (ssh) and the SKILL.md content. There are no unrelated credentials, binaries, or install steps.

Instruction Scopenote

The SKILL.md tells the agent how to read/write ~/.ssh/config, create socket dirs, run ssh-agent and ssh-add, generate keys (including examples without passphrases), change file permissions, and run ssh/scp/rsync commands. These actions are expected for an SSH helper, but they touch sensitive key and config files and include advice (e.g., StrictHostKeyChecking no, generating keys without passphrases, agent forwarding) that weakens security; review before execution.

Install Mechanismok

Instruction-only skill with no install spec and no code files — lowest install risk. It relies only on an existing ssh binary.

Credentialsok

No environment variables or external credentials are requested. The SKILL.md uses standard SSH-related environment behaviors (starting ssh-agent which sets SSH_AUTH_SOCK, etc.), which is proportional to the stated purpose.

Persistence & Privilegenote

always:false (good). The skill is user-invocable and can be invoked autonomously by the agent (platform default). If invoked, the instructions can modify user SSH keys/config and run networked SSH commands — consider restricting autonomous use or requiring explicit user confirmation.

Guidance

This guide is coherent for SSH tunneling, but it contains commands that modify ~/.ssh and examples that reduce security (e.g., disabling host key checking, creating keys without passphrases, enabling agent forwarding). Before installing or letting an agent execute it autonomously: (1) backup ~/.ssh and ~/.ssh/config; (2) review each command the agent will run; (3) avoid using examples that set StrictHostKeyChecking no or create unencrypted private keys unless you understand the risk; (4) prefer manual execution for sensitive actions (key generation, adding authorized_keys); and (5) if you worry about an agent making changes, disable autonomous invocation or require explicit confirmation.

Latest Release

v1.0.0

Initial release: Local/remote/dynamic port forwarding, jump hosts, ProxyJump, SSH config, key management, agent forwarding, scp/rsync, connection debugging

More by @gitgoodordietrying

API Development

4 stars

Git Workflows

3 stars

Makefile & Build

2 stars

Skill Search Optimizer

2 stars

Performance Profiler

2 stars

Cron & Scheduling

2 stars

Published by @gitgoodordietrying on ClawHub