Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ultimate Freedom Protocol

v9.0.0

Ultimate Web Freedom Protocol (v9.0.0). Leverages 'Protocol Phantom' (curl_cffi kernel-level TLS impersonation) to bypass DataDome, Cloudflare, and Bilibili....

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability

The name and description claim WAF/anti-bot bypass, and the code files and SKILL.md implement exactly that (curl_cffi impersonation, browser/CDP takeover, driver injection, tunneling). Requiring google-chrome-stable and xvfb-run is consistent with the toolkit's browser-based fallback. However, some requested capabilities (opening raw CDP takeovers, UDS handshake-based gating, and remote debugging exposed on 0.0.0.0) go beyond ordinary scraping and enable local takeover and remote-control scenarios.

Instruction Scope (flagged)

SKILL.md and the scripts instruct the agent to start Chrome with remote-debugging-address=0.0.0.0, spawn a local relay, bind sockets, accept CDP connections and perform 'takeover' and 'driver injection', read and write files under the user's home directory and /tmp, and start persistent daemon processes. These actions expand the scope well beyond simple data retrieval and permit local-privilege or cross-namespace network bridging.

Install Mechanism (flagged)

Registry metadata claims 'instruction-only', yet the bundle contains 29+ script files. There is no install spec (no controlled package install), so at runtime the bundled scripts are executed directly. The lack of an install step combined with many executable scripts is an operational inconsistency that increases risk: files will run without an explicit, reviewed install.

Credentials (flagged)

The manifest declares no required env vars, but scripts reference environment-based safety gates (SOTA_NUCLEAR_CONFIRMED), DBUS session variables, and require or assume file tokens at ~/.openclaw/tmp/sota_active.lock and hardcoded user paths (/home/jiahao). The skill also unwraps network tunnels and binds ports. It requests no external API keys, but it needs broad local environment access that is neither declared nor clearly gated.

Persistence & Privilege (flagged)

Multiple scripts and a shell daemon attempt to start background services (xvfb/chrome, a python_relay daemon via nohup), create sockets (/tmp/.sota_auth.sock), open TCP ports (9222/9223), and write files into user directories. Although some scripts include self-destruct timeouts, the combination of daemonization and exposing remote debugging on 0.0.0.0 is a significant privilege and persistence risk if run on a multi-tenant host.
What to consider before installing

This package is explicitly designed to bypass WAFs and to take low-level control of local browser instances (CDP takeovers, driver injection, and tunneling). That behavior is coherent with its description but is high-risk: it opens network ports, creates local relays and sockets, writes into user home directories, and includes 'nuclear' operations gated only by environment variables or local lockfiles. Before installing or running:

  1. Do not run it on a production or shared host; isolate it in a VM or disposable container with no sensitive credentials.
  2. Review and understand any scripts that start daemons, bind 0.0.0.0, or use CDP; if you must run it, change remote-debugging-address so it binds only to localhost.
  3. Verify provenance and author identity; the package has no homepage and an unknown source.
  4. Remove or sandbox any scripts that open relays or accept incoming connections.
  5. If you need only benign scraping, consider simpler, well-audited libraries instead.

Additional information that would raise confidence: an authoritative upstream repo or homepage, a reproducible, minimal install process (no daemonization), an explicit manifest of all runtime effects, and proof that remote endpoints are never bound to non-loopback interfaces.


Runtime requirements

🎭 Clawdis
Bins: google-chrome-stable, xvfb-run
Tags: SOTA, cffi, latest, phantom, stealth

255 downloads · 0 stars · 1 version · Updated 23h ago · v9.0.0 · MIT-0

Ultimate Freedom Protocol (SOTA v9.0.0)

This protocol replaces traditional headless browsing with "Protocol Phantom" technology, focusing on kernel-level network fingerprint alignment.

🚀 Core Pillar: Protocol Phantom (CFFI Mode)

Traditional scrapers are identified by their TLS handshake. This toolkit uses curl_cffi to mirror real-world browser profiles at the binary level.

Key Capabilities:

  • JA4 Fingerprinting: Perfect alignment with Chrome 124+ and Safari iOS 17.
  • WAF Penetration: Successfully proven against DataDome, Akamai, and Bilibili's 412/403 blocks.
  • Zero Resource Waste: No need for heavy Xvfb/D-Bus overhead unless complex JS interaction is required.

🛠️ Unified Entry

freedom_engine.py provides a standardized interface for all penetration tasks.

Version: 9.0.0 (Phantom Core) | Author: Biogod2020 | Status: PROD
