Shell Executor Skill
Execute shell commands through your Moltbot agent.
Shell Executor
Execute shell commands through your AI agent. This is a powerful but potentially dangerous skill.
High Risk Skill: This skill can execute arbitrary commands on your system. Only enable if you fully understand the security implications.
What It Does
- Run bash/shell commands
- Execute scripts
- Manage system processes
- Automate system administration
Install / Enable
# .env
SKILL_SHELL_ENABLED=true
SKILL_SHELL_ALLOWED_COMMANDS=ls,cat,echo,pwd # Optional whitelist
SKILL_SHELL_WORKING_DIR=/home/user/safe-dir # Optional sandboxPermissions Required
| Permission | Description |
|---|---|
| System | Full shell access (or whitelisted commands) |
| Network | If running network commands |
| Files | Depends on commands executed |
Example Commands
User: List files in the current directory
Agent: [Executes: ls -la]
drwxr-xr-x 5 user user 160 Jan 15 10:00 .
drwxr-xr-x 3 user user 96 Jan 15 09:00 ..
-rw-r--r-- 1 user user 1234 Jan 15 10:00 file.txt
User: How much disk space is available?
Agent: [Executes: df -h]
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 50G 20G 28G 42% /
User: What's the server uptime?
Agent: [Executes: uptime]
10:30:00 up 45 days, 3:22, 1 user, load average: 0.00, 0.01, 0.00Configuration
| Variable | Description |
|---|---|
SKILL_SHELL_ENABLED | Set to true to enable |
SKILL_SHELL_ALLOWED_COMMANDS | Whitelist of allowed commands |
SKILL_SHELL_BLOCKED_COMMANDS | Blacklist of blocked commands |
SKILL_SHELL_WORKING_DIR | Restrict to this directory |
SKILL_SHELL_TIMEOUT | Command timeout in seconds |
SKILL_SHELL_MAX_OUTPUT | Max output characters |
Security Configuration
Recommended: Whitelist approach
# Only allow specific safe commands
SKILL_SHELL_ALLOWED_COMMANDS=ls,cat,head,tail,grep,wc,date,uptime,df,free,psAlternative: Blacklist approach (less secure)
# Block dangerous commands
SKILL_SHELL_BLOCKED_COMMANDS=rm,dd,mkfs,fdisk,shutdown,reboot,sudo,su,chmod,chownSandboxing
# Restrict to specific directory
SKILL_SHELL_WORKING_DIR=/home/user/sandbox
# Combined with command whitelist
SKILL_SHELL_ALLOWED_COMMANDS=ls,cat,head,tailRisks
System Damage: Commands like rm -rf / can destroy your system.
Data Exfiltration: Malicious prompts could leak sensitive files.
Privilege Escalation: If running as root, full system compromise is possible.
Resource Exhaustion: Fork bombs or infinite loops can crash the system.
Best Practices
- Never run as root - Use a limited user account
- Use command whitelists - Only allow necessary commands
- Set working directory - Sandbox to a safe location
- Enable audit logging - Log all executed commands
- Set timeouts - Prevent long-running commands
- Review prompts - Understand how AI interprets requests
Troubleshooting
Command not found
# Check if command is in PATH inside container
docker exec moltbot which ls
# Or add to PATH
docker exec moltbot echo $PATHPermission denied
The container user lacks permissions. See Permission Denied.
Output truncated
Increase SKILL_SHELL_MAX_OUTPUT or pipe to head:
SKILL_SHELL_MAX_OUTPUT=10000Alternatives
- Code Interpreter - Safer Python execution
- Git Operations - Specific git commands only