Stealth Proxy
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is transparent about VPN switching, but it can change your network route and automatically retry blocked workflows, so it deserves review before use.
Before installing, decide whether you are comfortable letting an agent control VPN or exit-node routing. Prefer diagnose-only first, avoid using it to bypass legal or terms restrictions, and require separate confirmation before it retries any workflow that can modify accounts, make trades, post content, or perform purchases.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A blocked workflow could be retried under a different IP or region and may perform actions the user did not carefully re-approve in that new context.
After changing the network route, the skill can retry a previously blocked workflow. The example suggests a potentially financial workflow, and the artifacts do not clearly constrain the resumed task to safe, read-only actions.
re-run blocked task with bounded retries ... `blocked_task_name` (example: `prediction-market-arbitrage`) ... `risk_mode` (`diagnose-only`, `switch-and-verify`, `switch-and-resume`)
Use diagnose-only or switch-and-verify by default, and require a separate explicit confirmation before resuming any workflow that can trade, post, purchase, modify accounts, or affect third-party services.
Your machine's traffic may be routed through a VPN, WireGuard profile, or Tailscale exit node, which can affect connectivity, privacy, and service access.
The skill intentionally uses shell-level tooling to control VPN or exit-node routing. This is purpose-aligned, but it is high-impact because it can change local network behavior.
Use as control plane: - executable detection, - connect/disconnect wrappers, - retry and cleanup logic ... `tailscale up --exit-node=<node>`
Only run it with a tunnel path you trust, verify the selected region and exit node/profile, and confirm there is a clear disconnect or rollback step.
The agent may operate through an authenticated VPN or tailnet account and change routing using that account's privileges.
The skill depends on existing VPN, WireGuard, or Tailscale authorization. This is expected for the stated purpose, but users should recognize that it uses local account/session authority.
Required access: - valid account/session for selected tunnel path - local executable for selected path (`nordvpn`/`mullvad`/`expressvpn` or `wg` or `tailscale`)
Use a dedicated, least-privileged tunnel profile where possible, and do not provide access to VPN or tailnet accounts that should not be controlled by the agent.
Running the setup block may install or update multiple agent skills, potentially changing tool behavior outside this VPN workflow.
The setup instructions rely on latest-version installs and include an update-all command. This is user-directed setup, but it can change installed skills beyond this one.
npx -y clawhub@latest install shell-scripting ... npx -y clawhub@latest install moltguard ... npx -y clawhub@latest update --all
Install only the dependencies you need, review each dependency, and avoid update-all unless you intend to update every installed skill.
External services may receive your public IP information, geolocation query data, or selected prompt/tool content if those optional modes are enabled.
The skill may use external provider APIs for IP/geolocation verification and optional prompt/tool-content screening. This is disclosed and purpose-aligned, but it can involve sending network metadata or workflow content to third-party services.
Optional keys: - `MOLTGUARD_API_KEY` ... - `IPINFO_TOKEN` ... Use as prompt/tool security guardrail: - sanitize sensitive prompt/tool content
Enable optional remote checks only when needed, avoid sending secrets in prompts or logs, and confirm which provider receives which data.