Skill v1.0.1
ClawScan security
URnetwork helper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 10, 2026, 10:07 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements are coherent with its stated purpose (creating/using/provider proxies on URnetwork), but it includes privileged network/container setup and external images/endpoints that you should validate before running.
- Guidance: This skill appears to do what it claims, but it contains high-impact operational steps. Before using:
  1) Verify the endpoints and project (bringyour.com / ur.io) and confirm they are the official sources;
  2) Treat the exchanged JWT as a secret and do not share it publicly;
  3) Inspect any Docker images (bringyour/community-provider) before running; prefer to pull from official trusted registries and review image contents;
  4) Run provider containers in isolated environments (VMs or restricted containers) because instructions install packages and modify iptables/networking;
  5) If you lack sysadmin experience, avoid executing iptables/docker steps verbatim; ask an admin to review;
  6) Consider legal/terms-of-service implications of using anonymous proxies or providing egress bandwidth in your jurisdiction and with your upstream provider.

  If you want greater assurance, request the skill author supply signed release artifacts or a reproducible repo/manifest for the Docker image and clarify the ownership of the listed endpoints.
Review Dimensions
- Purpose & Capability (ok): Name/description (URnetwork proxy/VPN consumer and provider) matches the SKILL.md content: API calls to bringyour.com, MCP flow, proxy creation, and provider node/Docker setup are all relevant to the stated functionality.
- Instruction Scope (note): SKILL.md provides detailed, actionable instructions that go beyond simple API calls: exchanging an auth code for a JWT, creating proxies, and full provider node setup (Dockerfiles, apt installs, iptables/redsocks configuration). These are consistent with provider/consumer modes but require elevated privileges and running third-party images; treat as high-impact actions and review before executing.
- Install Mechanism (ok): There is no install spec and no code files; the skill is instruction-only. That lowers installer risk, but the instructions point to downloading/running images (bringyour/community-provider) and installing packages inside containers/hosts, which you must vet independently.
- Credentials (ok): The skill declares no required environment variables or credentials. The runtime instructions do rely on a JWT derived from a user-provided auth code; treating that JWT as a secret is appropriate. No unrelated credentials or env paths are requested.
- Persistence & Privilege (ok): The skill does not request always:true and is user-invocable only. It does instruct how to run long-lived services (containers) if you choose provider mode, but it does not attempt to modify other skills or agent-wide settings.
