ClawHub

Caddy Reverse Proxy

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Caddy reverse-proxy guide, but it recommends sensitive networking, credential, persistence, and OpenClaw authentication settings without enough containment guidance.

Review before installing. Prefer binding backend apps to 127.0.0.1 or a Unix socket, confirm Caddy only listens on the intended Tailscale/private interface, protect the Vercel token with strict file permissions and revocation plans, and only enable OpenClaw allowInsecureAuth for narrowly trusted origins on a private network.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The documentation explicitly instructs users to set `gateway.controlUi.allowInsecureAuth: true`, which weakens authentication for the control UI by allowing token-only access in place of stronger device-key authentication. In the context of a reverse-proxied gateway exposed on a domain and used by multiple apps, this materially increases the risk of unauthorized access if tokens are leaked, mishandled, or obtained via another weakness, and the document does not provide an explicit warning, scope limitation, or compensating controls.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The document instructs users to create a long-lived Vercel API token and store it in LaunchDaemon environment variables or a systemd EnvironmentFile, but it does not emphasize strict file permissions, minimizing token scope, or avoiding token exposure through service definitions and config reload workflows. That increases the chance of credential leakage from world-readable files, backups, logs, or process/service inspection, and the token can then be abused to modify DNS records and interfere with certificate issuance.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal