ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Umbrel Proxy Manager

v1.0.3

Efficiently manage and interact with Umbrel proxy services for Docker containers. Automatically discovers running services, maps internal Docker IPs to acces...

0· 64·0 current·0 all-time
byG@gmoranxyz
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included scripts: discovery (docker ps/inspect), mapping proxy→localhost, connectivity tests (curl/requests), and OpenClaw config updates (openclaw CLI). No unrelated credentials, binaries, or external services are required.
Instruction Scope
SKILL.md and scripts instruct the agent to run local shell commands (docker, openclaw, curl/systemctl) and read/write local JSON files (umbrel_services.json, connectivity_results.json). This is appropriate for the stated goal, but the scripts run shell commands via subprocess with shell=True and perform CLI invocations without explicit input sanitization — acceptable for local admin use but worth reviewing before running in environments with untrusted container names or modified mapping files.
Install Mechanism
No install spec or remote downloads; the skill is instruction-only with bundled scripts. No archives or external installers are fetched, minimizing supply-chain risk.
Credentials
The skill declares no environment variables, no credentials, and no config paths beyond local skill files. It performs OpenClaw CLI operations (expected) and accesses Docker locally; requested access is proportional to the task.
Persistence & Privilege
always:false (not force-included). The skill does modify OpenClaw configuration via the openclaw CLI when run — this is within scope but is a persistent change to the user's OpenClaw config and may require a gateway restart to apply. Autonomous invocation is allowed by platform default; combine with user caution if you permit autonomous runs.
Assessment
This skill appears to do what it says, but review and exercise standard caution before running: 1) Inspect the scripts (they are bundled) — they call docker, openclaw, curl/requests and write umbrel_services.json/connectivity results. 2) Run discovery and use update scripts with --dry-run first (update_openclaw_config.py supports dry-run) to see planned changes. 3) Backup your OpenClaw config (~/.openclaw/openclaw.json or your system path) before allowing automatic updates. 4) Run as a local admin user; avoid running in environments where container names or the mapping JSON could be attacker-controlled (the scripts use shell execution and have limited input sanitization). 5) Ensure Docker and OpenClaw binaries are trusted and on your system PATH. If you want higher assurance, run the discovery scripts only, inspect umbrel_services.json, then run updates manually.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d4qrgsm4nxb3w1475929ca183cytb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments