TrustSkills
BlogCompareGlossaryDetections

Definition

Reverse shell

A technique where a compromised system initiates an outbound connection to an attacker-controlled server, giving the attacker interactive shell access to the compromised machine. In AI agent skill attacks, reverse shells are typically implemented as bash TCP connections, netcat (-e), Python socket+subprocess combinations, or PowerShell one-liners embedded in skill scripts. TrustSkills checks for reverse shell patterns as a critical-severity finding.

How TrustSkills detects this

TrustSkills scans OpenClaw and ClawHub skills for reverse shell patterns before you install them. The scanner returns plain-English findings — no CVE IDs, no security jargon — with a risk level and a clear explanation of what was found.

Scan a skill freeHow we detect reverse shell

Related terms

C2 callback

A Command and Control (C2) callback is a network connection from a compromised system back to an att

Obfuscated payload

Malicious code that is deliberately encoded or wrapped to avoid detection by scanners that rely on k

Data exfiltration

The unauthorized transfer of sensitive data from a system to an attacker-controlled destination. In