{"skill":{"slug":"proxy","displayName":"Proxy","summary":"Establish and verify secure VPN or tunnel connections to bypass geo/IP blocks, confirm IP and DNS safety, and safely resume blocked tasks with audit logging.","description":"---\nname: vpn\ndescription: Meta-skill for secure network tunnel setup, geo-access diagnostics, and leak-aware task resumption by orchestrating shell-scripting, curl-http, wireguard, tailscale, dns, ipinfo, and moltguard. Use when users need controlled VPN switching, region verification, DNS safety checks, and automatic retry of previously blocked workflows.\nhomepage: https://clawhub.ai\nuser-invocable: true\ndisable-model-invocation: false\nmetadata: {\"openclaw\":{\"emoji\":\"🔐\",\"requires\":{\"bins\":[\"bash\",\"curl\"],\"anyBins\":[\"nordvpn\",\"mullvad\",\"expressvpn\",\"wg\",\"tailscale\"],\"env\":[],\"config\":[]},\"note\":\"Requires at least one tunnel path (provider CLI, WireGuard, or Tailscale exit node). Optional security/geo enrichment: MoltGuard and IPinfo.\"}}\n---\n\n# Purpose\n\nEstablish a secure, verified path when access is blocked by geo/IP policy, then resume the blocked workflow safely and auditably.\n\nPrimary outcomes:\n1. detect and classify block behavior,\n2. switch to a valid tunnel path with explicit user consent,\n3. verify public IP, region, and DNS safety posture,\n4. re-run blocked task with bounded retries,\n5. return an auditable connection report.\n\nThis is an orchestration skill. 
It does not guarantee legal access to restricted services.\n\n# Required Installed Skills\n\nCore diagnostics/orchestration:\n- `shell-scripting` (inspected latest: `1.0.0`)\n- `curl-http` (inspected latest: `1.0.0`)\n\nTunnel path options (at least one):\n- provider CLI path (NordVPN / Mullvad / ExpressVPN) via shell orchestration\n- `wireguard` (inspected latest: `1.0.0`)\n- `tailscale` (inspected latest: `1.0.0`)\n\nSafety and verification extensions:\n- `dns` (inspected latest: `1.0.0`)\n- `ipinfo` (inspected latest: `1.0.0`)\n- `moltguard` (inspected latest: `6.0.2`, optional but recommended)\n\nInstall/update:\n\n```bash\nnpx -y clawhub@latest install shell-scripting\nnpx -y clawhub@latest install curl-http\nnpx -y clawhub@latest install wireguard\nnpx -y clawhub@latest install tailscale\nnpx -y clawhub@latest install dns\nnpx -y clawhub@latest install ipinfo\nnpx -y clawhub@latest install moltguard\nnpx -y clawhub@latest update --all\n```\n\nVerify:\n\n```bash\nnpx -y clawhub@latest list\n```\n\n# Required Credentials and Access\n\nRequired access:\n- valid account/session for selected tunnel path\n- local executable for selected path (`nordvpn`/`mullvad`/`expressvpn` or `wg` or `tailscale`)\n\nOptional keys:\n- `MOLTGUARD_API_KEY` (if MoltGuard remote detection mode is enabled)\n- `IPINFO_TOKEN` (optional, higher quota geolocation verification)\n\nPreflight:\n\n```bash\ncommand -v nordvpn || command -v mullvad || command -v expressvpn || command -v wg || command -v tailscale\necho \"$MOLTGUARD_API_KEY\" | wc -c\necho \"$IPINFO_TOKEN\" | wc -c\n```\n\nMandatory behavior:\n- Never fail silently on missing keys/auth.\n- Always return `MissingAPIKeys` and/or `MissingCredentials` with blocked stages.\n- Continue with non-blocked diagnostics and mark output as `Partial` when needed.\n\n# Compliance Gate (Mandatory)\n\nBefore any tunnel switch, confirm and record:\n- user authorization to modify network routing,\n- acknowledgment of legal/terms responsibility,\n- 
stated purpose for geo-switch (testing, parity checks, privacy hardening).\n\nIf acknowledgment is missing:\n- do not execute switching commands,\n- return diagnostics-only output.\n\n# Inputs the LM Must Collect First\n\n- `blocked_url` or `blocked_endpoint`\n- `blocked_task_name` (example: `prediction-market-arbitrage`)\n- `target_region`\n- `tunnel_path` (`provider-cli`, `wireguard`, `tailscale-exit-node`)\n- `provider_or_profile` (provider name, WG profile, or exit-node name)\n- `risk_mode` (`diagnose-only`, `switch-and-verify`, `switch-and-resume`)\n- `kill_switch_required` (`yes/no`)\n- `max_retries` (default: 2)\n\nDo not execute switching before tunnel path and target region are explicit.\n\n# Tool Responsibilities\n\n## shell-scripting\n\nUse as control plane:\n- executable detection,\n- connect/disconnect wrappers,\n- retry and cleanup logic,\n- deterministic logging.\n\n## curl-http\n\nUse for protocol-level evidence:\n- baseline and post-switch HTTP checks,\n- `403`/geo-block signature capture,\n- header and status comparisons.\n\n## wireguard\n\nUse when deterministic profile-based tunnels are required:\n- controlled profile activation,\n- route and AllowedIPs sanity expectations,\n- DNS handling awareness in tunnel config.\n\n## tailscale\n\nUse for tailnet and exit-node path:\n- `tailscale up --exit-node=<node>`,\n- connectivity validation via `tailscale ping`/status,\n- fast fallback among available exit nodes.\n\n## dns\n\nUse for DNS leak and propagation sanity guidance:\n- resolver checks,\n- authoritative vs cached record reasoning,\n- explicit leak-risk interpretation when DNS path remains local.\n\n## ipinfo\n\nUse for geo-attestation:\n- validate post-switch country/region/ASN,\n- compare with baseline,\n- provide confidence level for geo-alignment.\n\n## moltguard\n\nUse as prompt/tool security guardrail:\n- sanitize sensitive prompt/tool content,\n- detect prompt-injection patterns in fetched content,\n- reduce accidental secret leakage in 
workflow logs.\n\nImportant limitation:\n- MoltGuard is not a VPN manager and not a full network leak detector.\n\n# Canonical Causal Signal Chain\n\n1. `Block Detection`\n- baseline request to blocked endpoint,\n- classify as `geo_block`, `ip_block`, `auth_block`, or `other_http_error`.\n\n2. `Baseline Snapshot`\n- capture pre-switch public IP, country, and resolver context.\n\n3. `Tunnel Path Selection`\n- choose one path:\n  - provider CLI,\n  - WireGuard profile,\n  - Tailscale exit node.\n- verify binary/auth/profile availability before connect.\n\n4. `Tunnel Activation`\n- connect selected path,\n- confirm session state from tool output,\n- enforce kill-switch preference if available.\n\n5. `Geo and IP Verification`\n- compare pre/post public IP,\n- verify target country best-effort (`ipinfo.io` + optional token),\n- record confidence if country mismatches.\n\n6. `DNS Safety Check`\n- check resolver behavior and detect obvious DNS bypass patterns,\n- flag risk if DNS appears untunneled in full-tunnel expectation.\n\n7. `Access Retest`\n- retry blocked endpoint,\n- compare HTTP status/content signatures against baseline.\n\n8. 
`Task Resumption`\n- if retest passes, resume blocked workflow automatically (`switch-and-resume` mode),\n- otherwise rotate endpoint/profile once within retry budget and stop with evidence.\n\nSuggested verification commands:\n\n```bash\ncurl -s ifconfig.me\ncurl -s https://ipinfo.io/json\ncurl -I \"${BLOCKED_URL}\"\n```\n\n# Leak and Safety Checks\n\nMinimum checks before success:\n- public IP changed,\n- target country aligned (or deviation explicitly explained),\n- endpoint moved from blocked to reachable/expected-auth state,\n- DNS path does not contradict tunnel expectations,\n- no unresolved high-risk MoltGuard warning (if enabled).\n\nIf kill-switch is required but not supported/verified:\n- return `Needs Review` and avoid high-risk task resumption.\n\n# Output Contract\n\nAlways return:\n\n- `BlockDiagnosis`\n  - block type\n  - baseline HTTP evidence\n\n- `TunnelPath`\n  - selected path and rationale\n  - provider/profile/exit node\n\n- `TunnelStatus`\n  - connect state\n  - pre/post IP\n  - target region match\n\n- `DNSSafety`\n  - resolver observation\n  - leak risk assessment (`low|medium|high`)\n\n- `SecurityStatus`\n  - MoltGuard mode (`enabled`, `gateway-only`, `disabled`)\n  - unresolved warnings\n\n- `AccessRetest`\n  - post-switch result\n  - improvement vs baseline\n\n- `TaskResumption`\n  - resumed or blocked\n  - reason\n\n- `NextActions`\n  - exact commands or account steps for unresolved blockers\n\n# Quality Gates\n\nBefore final output, verify:\n- diagnosis is evidence-based,\n- pre/post network evidence is present,\n- retry count respected,\n- missing credentials/keys clearly disclosed,\n- provider/path limitations explicitly stated.\n\nIf any gate fails, return `Needs Revision` with concrete missing checks.\n\n# Failure Handling\n\n- Missing tunnel binary/profile: return `MissingCredentials` with concrete install/profile steps.\n- Missing VPN account/auth session: return `MissingCredentials`, skip switching stage.\n- Missing 
`MOLTGUARD_API_KEY` in detection mode: return `MissingAPIKeys`, continue with gateway-only or disabled mode.\n- Tunnel connected but geo mismatch persists: one bounded retry with different endpoint/profile, then stop.\n- Endpoint still blocked after retry: return full evidence bundle and manual-decision path.\n\n# Guardrails\n\n- Never claim legal or terms compliance on behalf of user.\n- Never claim secure state without pre/post verification.\n- Never unbounded-loop region hopping.\n- Never hide ambiguous or failed access states.\n","tags":{"latest":"1.0.0"},"stats":{"comments":0,"downloads":317,"installsAllTime":2,"installsCurrent":2,"stars":0,"versions":1},"createdAt":1771088009222,"updatedAt":1778491542212},"latestVersion":{"version":"1.0.0","createdAt":1771088009222,"changelog":"Initial release: major upgrade to a meta-skill for controlled VPN/proxy switching, geo/IP diagnostics, and workflow resumption.\n\n- Adds orchestration of tunnel setup, region/IP verification, DNS leak checks, and task retry for blocked workflows.\n- Integrates with provider CLI tools, WireGuard, Tailscale, plus DNS, IPinfo, and MoltGuard for security/context enrichment.\n- Requires explicit user consent and collects all vital inputs (blocked endpoint, target region, tunnel path, etc.) before execution.\n- Implements strong preflight and compliance gates, including mandatory acknowledgment for legal responsibility.\n- Returns detailed, auditable output reports with evidence of block detection, tunnel outcome, DNS posture, and security findings.\n- Clear error, partial, and revision handling for missing credentials, API keys, or quality gate failures.","license":null},"metadata":{"setup":[],"os":null,"systems":null},"owner":{"handle":"h4gen","userId":"s1789vg92zcrdcbajdp87fjxsh8487xv","displayName":"Hagen Hoferichter","image":"https://avatars.githubusercontent.com/u/12556763?v=4"},"moderation":null}