HTTPeep CLI SKILLS. HTTP API Deubgger | Give the agent the ability to see the network.
PassAudited by ClawScan on May 10, 2026.
Overview
This appears to be a coherent HTTPeep CLI debugging skill, but it gives the agent access to sensitive network-capture, proxy, certificate, and replay commands that users should approve and scope carefully.
Install this only if you want the agent to help debug HTTPeep traffic. Before allowing commands, check whether they affect only a specific app or the whole system, avoid unnecessary HTTPS interception, and make sure captured headers, cookies, tokens, and request bodies are redacted.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If misused, the agent could alter HTTP traffic behavior or remove debugging evidence.
The skill exposes commands that can rewrite traffic rules or delete captured sessions, but it also instructs the agent to require explicit user intent and use backup or dry-run steps.
Run `rules replace`, `rules reset`, or `sessions clear --all --yes` only when the user explicitly asks for persistent replacement, reset, or full cleanup. Show or run the backup/dry-run command first when possible.
Only allow persistent rule edits or session deletion for clearly requested debugging tasks, and review proposed commands before they run.
System-wide proxying or certificate trust changes could expose HTTPS traffic, cookies, tokens, or other account data to the debugging tool.
Installing HTTPS interception certificates or changing the system proxy can expand the agent's visibility into user traffic, but the skill explicitly gates these actions on user approval.
Run `cert install`, `cert uninstall`, `proxy system on`, and `proxy system off` only when the user explicitly asks for certificate trust or system-wide proxy changes.
Use scoped proxy settings when possible, and approve certificate or system-wide proxy changes only when you understand the effect.
Running a remote installer gives code from that URL control over the local environment.
The reference includes a remote install script piped directly to bash; this is a common but higher-trust installation pattern.
curl -fsSL https://s1.httpeep.com/install-cli.sh | bash
Prefer official installers or inspect the script and verify the source before running curl-to-bash commands.
Sensitive traffic details could be included in agent notes, summaries, logs, or final answers if not redacted.
The skill may inspect or summarize captured HTTP sessions that contain sensitive headers, cookies, authorization tokens, or request bodies.
Avoid logging secrets from headers, cookies, Authorization values, or request bodies. Redact sensitive values before reporting.
Limit capture filters, avoid broad session dumps, and confirm that secrets are redacted before sharing outputs.