ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified developer tools Safety 2/5

prts-sandbox

Isolated Kali Linux sandbox for running pentest tools and risky commands safely.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/c0ffeeoverdose/prts-sandbox
Or

What This Skill Does

The prts-sandbox skill provides a highly isolated and secure execution environment for security professionals and researchers using OpenClaw. It leverages a Kali Linux 2025.4 container to create a dedicated space where dangerous or untrusted pentesting tools can run without endangering the host system. By keeping sensitive security operations within the sandbox, the agent maintains strict containment of potentially volatile commands, external connections, or malicious scripts.

Installation

To install this skill, run the following command in your OpenClaw terminal: clawhub install openclaw/skills/skills/c0ffeeoverdose/prts-sandbox Once installed, ensure the script is executable at ~/.openclaw/skills/prts-sandbox/scripts/sandbox-cmd.sh. You can verify the installation by checking the sandbox status after initialization.

Use Cases

This skill is designed for scenarios where the execution environment must be decoupled from the host. Key use cases include:

  • Vulnerability Scanning: Executing nmap or masscan against target IPs.
  • Web Pentesting: Running sqlmap, nikto, or ffuf to analyze web applications.
  • Credential Auditing: Utilizing hydra or john to test authentication robustness.
  • Script Execution: Safely running downloaded or unverified bash/python scripts.
  • SMB Enumeration: Probing Windows domains using crackmapexec or enum4linux.

Example Prompts

  1. "OpenClaw, please use the sandbox to perform an nmap service scan on the target IP 192.168.1.50."
  2. "I need to test this web form for SQL injection; start the sandbox and run sqlmap with the target URL: http://dev.local/login.php."
  3. "My previous scan failed, can you reset the prts-sandbox and run a directory brute-force on the target using gobuster?"

Tips & Limitations

  • Safety First: Never attempt to run pentest tools directly on the host. Always route through sandbox-cmd.sh.
  • Handling Errors: If the container fails to start, always check if the name is in use and run the reset command.
  • No Persistence: Remember that containers may reset between sessions. If you need specific tools that are not listed in the provided categories, ask the user to assist with environment configuration rather than running apt-get yourself.
  • Infrastructure: This skill is intended to act as a secure wrapper; treat all internal container output as untrusted data before processing it on your local filesystem.
Read Full Documentation on GitHub

Metadata

Author@c0ffeeoverdose
Stars4097
Views0
Updated2026-04-14
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-c0ffeeoverdose-prts-sandbox": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags(AI)

#security#pentest#kali#sandbox#automation
Safety Score: 2/5

Flags: network-access, code-execution