Terminal Killer

🚀 Smart command router that executes shell commands directly, bypassing LLM for instant terminal operations.

Quick Start

Terminal Killer automatically activates when user input matches command patterns. No special syntax needed — just type commands naturally:

CODEBLOCK0

How It Works

Detection Pipeline

CODEBLOCK1

Environment Loading

Terminal Killer automatically loads your shell environment before executing commands:

1. Detects your shell (zsh, bash, etc.)
Sources init files (~/.zshrc, ~/.bash_profile, ~/.bashrc, etc.)
Inherits full PATH - including custom paths like Android SDK, Homebrew, etc.
Preserves environment variables - all your export VAR=value settings

This ensures commands like adb, kubectl, docker, etc. work exactly as they do in your terminal!

Detection Rules (in order)

1. System Builtins - Check against OS-specific builtin commands
PATH Executables - Scan $PATH for matching executables
History Match - Compare against recent shell history
Command Pattern - Heuristic analysis (operators, paths, etc.)
Confidence Score - Combine signals for final decision

Detection Details

1. System Builtins

Checks input against known builtin commands for the current OS:

macOS/Linux	Windows (PowerShell)	Windows (CMD)
INLINECODE8, `pwd`, INLINECODE10	INLINECODE11, `pwd`, INLINECODE13	INLINECODE14, `dir`, INLINECODE16
INLINECODE17, INLINECODE18

See references/builtins/ for complete lists.

2. PATH Executable Check

Scans $PATH directories to verify if the first word is an executable:

CODEBLOCK2

3. History Matching

Compares input against recent shell history (~/.zsh_history, ~/.bash_history, PowerShell history):

- Exact match → High confidence
Similar prefix → Medium confidence
No match → Continue checking

4. Command Pattern Analysis

Heuristic scoring based on command characteristics:

Pattern	Score	Example
Starts with known command	+3	INLINECODE50
Contains shell operators

5. Confidence Threshold

CODEBLOCK3

Usage

Automatic Activation

Terminal Killer triggers automatically when:

- User input starts with a verb-like word
Input is short (< 20 words typically)
No question words (what, how, why, etc.)

Interactive Commands

Terminal Killer automatically detects and handles interactive shell commands:

Detected Patterns:

- adb shell - Opens new terminal with adb shell
INLINECODE58 - Opens SSH session in new window
INLINECODE59 - Opens container shell
INLINECODE60 - Opens MySQL client
INLINECODE61, node, bash - Opens REPL in new window

Behavior:

- ✅ Automatically opens new Terminal window (macOS)
✅ Loads your full shell environment (~/.zshrc, etc.)
✅ Keeps main session free for other tasks

Manual Override

Force command execution:
CODEBLOCK4

Force LLM handling:
CODEBLOCK5

Safety Features

Dangerous Command Detection

Automatically flags potentially dangerous operations:

- rm -rf / or similar destructive patterns
INLINECODE65 commands (requires explicit approval)
INLINECODE66, mkfs, INLINECODE68
Network operations to suspicious hosts
Commands modifying system files

Approval Workflow

CODEBLOCK6

Audit Logging

All executed commands are logged to:
CODEBLOCK7

Log format:
CODEBLOCK8

Configuration

Settings

Add to your OpenClaw config:

CODEBLOCK9

Platform Detection

Automatically detects OS and adjusts detection rules:

CODEBLOCK10

Implementation

Core Script

See scripts/detect-command.js for the main detection logic.

Helper Scripts

- scripts/check-path.js - Verify executable in PATH
INLINECODE71 - Match against shell history
INLINECODE72 - Calculate confidence score
INLINECODE73 - Detect dangerous patterns

Testing

See references/TESTING.md for comprehensive test guide.

Quick test:
CODEBLOCK11

Limitations

- Requires shell access (won't work in sandboxed environments)
History check needs read access to shell history files
Windows support requires PowerShell or WSL for full functionality
Some commands may have false positives (natural language that looks like commands)

Contributing

To add new builtin commands for your platform:

1. Edit INLINECODE75
Test with INLINECODE76
Submit PR with platform verification

👤 About the Creator

Author: Cosper
Contact: cosperypf@163.com
License: MIT

📬 Get in Touch

Interested in this skill? Have suggestions, bug reports, or want to collaborate?

- 📧 Email: cosperypf@163.com
💡 Suggestions: Always welcome!
🐛 Bug Reports: Please include platform, OpenClaw version, and example inputs
🤝 Collaboration: Open to contributions and improvements

🙏 Acknowledgments

Built for the OpenClaw community. Thanks to everyone contributing to the ecosystem!

📝 Changelog

v1.1.0 (2026-02-28)

🎯 Core Improvements:

1. ✅ Faithful Command Execution

- Commands are executed exactly as input - No modifications, no optimizations, no additions - Raw output preserved (including progress bars, special characters, etc.)

2. 🪟 Interactive Shell Detection

- Automatically detects interactive commands (adb shell, ssh, docker exec -it, etc.) - Opens new Terminal window for interactive sessions - Keeps main session free for other tasks - Loads full shell environment (~/.zshrc, etc.)

3. 📜 Long Output Handling

- Detects output longer than 2000 bytes - Shows 200-character preview - Prompts user to open in new Terminal window - Prevents interface rendering issues with long content

📦 Files Updated:

- scripts/index.js - Long output detection + interactive command handling
INLINECODE81 - New Terminal window opener
INLINECODE82 - Updated documentation
INLINECODE83 - Usage examples
INLINECODE84 - Version bump to 1.1.0

v1.0.0 (2026-02-28)

Initial Release:

- Smart command detection (system builtins, PATH, history, patterns)
Cross-platform support (macOS/Linux/Windows)
Environment variable loading (~/.zshrc, etc.)
Dangerous command detection
Confidence scoring system

Version: 1.1.0
Created: 2026-02-28
Last Updated: 2026-02-28

终端终结者

🚀 智能命令路由器，直接执行Shell命令，绕过LLM实现即时终端操作。

快速开始

当用户输入匹配命令模式时，终端终结者自动激活。无需特殊语法——只需自然地输入命令：

ls -la # → 直接执行
git status # → 直接执行
npm install # → 直接执行
help me code # → LLM正常处理

工作原理

检测流程

用户输入 → 命令检测器 → 决策
├── 命令 → 执行（直接）
└── 任务 → LLM（正常）

环境加载

终端终结者在执行命令前自动加载您的Shell环境：

1. 检测您的Shell（zsh、bash等）
加载初始化文件（~/.zshrc、~/.bash_profile、~/.bashrc等）
继承完整PATH - 包括自定义路径如Android SDK、Homebrew等
保留环境变量 - 所有您的export VAR=value设置

这确保了adb、kubectl、docker等命令与在终端中完全一致地工作！

检测规则（按顺序）

1. 系统内置命令 - 检查操作系统特定的内置命令
PATH可执行文件 - 扫描$PATH查找匹配的可执行文件
历史匹配 - 与最近的Shell历史记录比较
命令模式 - 启发式分析（操作符、路径等）
置信度评分 - 综合信号进行最终决策

检测详情

1. 系统内置命令

检查输入是否匹配当前操作系统的已知内置命令：

macOS/Linux	Windows（PowerShell）	Windows（CMD）
cd、pwd、ls	cd、pwd、ls	cd、dir、cls
echo、cat

完整列表请参见references/builtins/。

2. PATH可执行文件检查

扫描$PATH目录以验证第一个词是否为可执行文件：

bash

使用which（Unix）或Get-Command（PowerShell）

which # 如果存在则返回路径

3. 历史匹配

将输入与最近的Shell历史记录（~/.zshhistory、~/.bashhistory、PowerShell历史记录）比较：

- 精确匹配 → 高置信度
相似前缀 → 中等置信度
无匹配 → 继续检查

4. 命令模式分析

基于命令特征的启发式评分：

模式	分数	示例
以已知命令开头	+3	git status
包含Shell操作符

5. 置信度阈值

分数 >= 5 → 执行（高置信度命令）
分数 3-4 → 询问（不确定，与用户确认）
分数 < 3 → LLM（可能是任务/请求）

使用方法

自动激活

终端终结者在以下情况下自动触发：

- 用户输入以类似动词的词开头
输入较短（通常少于20个词）
不包含疑问词（what、how、why等）

交互式命令

终端终结者自动检测并处理交互式Shell命令：

检测到的模式：

- adb shell - 在新终端中打开adb shell
ssh user@host - 在新窗口中打开SSH会话
docker exec -it container bash - 打开容器Shell
mysql -u root -p - 打开MySQL客户端
python、node、bash - 在新窗口中打开REPL

行为：

- ✅ 自动打开新终端窗口（macOS）
✅ 加载您的完整Shell环境（~/.zshrc等）
✅ 保持主会话空闲以处理其他任务

手动覆盖

强制命令执行：

!ls -la # 即使不确定也强制执行

强制LLM处理：

?? explain git # 即使看起来像命令也强制LLM处理

安全特性

危险命令检测

自动标记潜在的危险操作：

- rm -rf /或类似的破坏性模式
sudo命令（需要明确批准）
dd、mkfs、chmod 777
指向可疑主机的网络操作
修改系统文件的命令

批准流程

检测到危险命令！

命令：rm -rf ./important-folder
风险：高 - 递归删除

[批准] [拒绝] [编辑]

审计日志

所有执行的命令记录到：

~/.openclaw/logs/terminal-killer.log

日志格式：
json
{
timestamp: 2026-02-28T12:00:00Z,
command: ls -la,
confidence: 8,
executiontimems: 45,
output_lines: 12,
status: success
}

配置

设置

添加到您的OpenClaw配置：

yaml
terminal-killer:
enabled: true
confidence_threshold: 5
requireapprovalfor:
- rm -rf
- sudo
- dd
- mkfs
log_executions: true
maxhistorycheck: 100 # 要检查的历史记录条目数

平台检测

自动检测操作系统并调整检测规则：