opentunnel-connect
Audited by Socket on Feb 19, 2026
3 alerts found (Malware x2, Anomaly):

This script intentionally provisions remote SSH access by creating/using a system user, exposing SSH over a public tunnel, and sending the credentials and endpoint to a supplied webhook. That pattern is high-risk: it can be used as a backdoor and exfiltration tool. Key issues: unverified runtime binary installation, plaintext credential transmission to an arbitrary endpoint, insecure temporary storage, incomplete cleanup, and requirement for root. Treat as high security risk; do not run on production systems or in environments where the webhook or download sources are not strictly controlled and audited.
This module implements a small webhook server that collects credentials and exposes itself through a public tunnel (bore). The code itself is not obviously backdoored or obfuscated, but it performs potentially dangerous actions: it downloads and installs a native binary from a remote release and runs it to create a public tunnel, and it stores and serves cleartext credentials via an unauthenticated /status endpoint. These behaviors create supply-chain and data-exposure risks. If you plan to use this code, review the trustworthiness of the bore binary source, ensure it is run with least privilege, add authentication/authorization to endpoints, avoid storing or returning plaintext secrets, and avoid runtime installation of external system binaries in privileged locations.
[Skill Scanner] Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4]
[CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4]

This skill's purpose (establish SSH access via reverse tunnel) is plausible and the described capabilities match that purpose, but the implementation choices are high-risk. Key concerns: instructing remote machines to run a curl | sudo bash installer from a raw GitHub URL; requiring the remote to send plaintext passwords back to a webhook exposed via a third-party tunnel (bore); and lacking integrity/authentication and least-privilege safeguards. These patterns are commonly abused for credential harvesting and remote code execution. I rate this skill as SUSPICIOUS for supply-chain/security posture — acceptable only after major changes (remove piped sudo install, use key-based reverse tunnel, sign and verify bootstrap scripts, authenticate webhook posts, avoid transmitting plaintext passwords).

LLM verification: This skill contains multiple high-risk patterns that are disproportionate to its stated purpose: it instructs operators to curl a raw GitHub shell script and run it with sudo on remote machines, have the remote send plaintext credentials to an exposed webhook via a public bore tunnel, and then uses those credentials to SSH back in. Those behaviors enable credential harvesting, arbitrary remote code execution, and supply-chain risk (remote script modification). The design could be used legitimate