Skill v1.0.0

ClawScan security

Clash Verge Controller · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 30, 2026, 4:59 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's files and runtime instructions align with its stated purpose (controlling a local Clash Verge / mihomo REST API); it does not request unrelated credentials or install remote code, but it expects the user to supply the controller address and secret and uses examples that make local API and occasional external latency requests.
Guidance
This skill appears to do what it claims: it documents the Clash Verge / mihomo REST API and includes a small Python client. Before installing/using:
1) Only provide the API listening address and secret if you trust the skill and the environment; the secret grants control over your proxy, rules, and connections.
2) Prefer keeping the controller bound to 127.0.0.1 and use a firewall when exposing it externally.
3) Test with read-only endpoints (GET /proxies, GET /group, GET /version) first to confirm behavior.
4) Be aware that latency-test examples contact external URLs (e.g., google.com) and that debug/pprof endpoints can reveal detailed runtime/connection data — avoid enabling those in sensitive environments.
5) If you plan to run the provided scripts, ensure your environment has the 'requests' (Python) or 'axios' (Node) packages installed from trusted registries.
If you want additional assurance, ask the author to declare dependencies and a checksum, or to provide a signed release/source location.

Review Dimensions

Purpose & Capability
ok: Name, description, SKILL.md, API reference, and the included Python client all consistently implement a REST API controller for Clash Verge / mihomo. There are no unrelated environment variables, binaries, or install steps requested that would be out of scope for this purpose. Minor note: code examples assume the presence of Python 'requests' and Node 'axios', but those dependencies are not declared in metadata.
Instruction Scope
note: SKILL.md restricts actions to calling the Clash Verge REST endpoints (proxies, group, configs, connections, logs, etc.), which is within scope. It explicitly asks the user to provide the API listening address and secret. It also includes latency-test examples that perform outbound requests (e.g., to https://www.google.com) and documents debug/pprof endpoints, which can expose detailed runtime and connection metadata — this is expected behavior of the controller but is sensitive in nature.
Install Mechanism
ok: There is no install spec; this is instruction-only plus a small client script. Nothing is downloaded or written by an installer. Note: the provided Python script requires the 'requests' library and Node examples use 'axios' — the skill does not declare or install these dependencies.
Credentials
ok: The skill does not request platform environment variables or other credentials. It legitimately documents and requires the Clash Verge API 'secret' for authenticated calls; asking the user for that secret is proportional to the functionality. Reminder: the secret is sensitive and should not be shared with untrusted code or over the network.
Persistence & Privilege
ok: The skill does not request always:true or other elevated persistence; it is user-invocable and will not be force-included in every agent run. It does not modify other skills' configs or request system-wide credentials.