Universal Proxy Management
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A substituted or tampered proxy binary could execute local code and control or observe proxied traffic.
The skill obtains the executable outside the reviewed package and even suggests unspecified mirror sources, while the artifacts do not provide checksums, signatures, or an install spec.
On first use, the AI automatically downloads the mihomo binary from GitHub. ... GitHub mirror: search for "GitHub file acceleration" or use a mirror site
Only download from the official release source, verify a published checksum or signature, avoid generic mirror sites, and require explicit user confirmation before installation.
The agent may run newly downloaded native code on the user's machine before the user has independently verified it.
The instructions download a binary, mark it executable, and run it as part of the default first-use flow.
curl -L https://github.com/MetaCubeX/Clash.Meta/releases/download/v1.18.0/... | gunzip > "$PROXY_SKILL_DIR/bin/mihomo" ... chmod +x ... "$PROXY_SKILL_DIR/bin/mihomo" -d "$PROXY_SKILL_DIR"
Ask before executing downloaded binaries, show the exact source and version, verify integrity, and give the user a chance to inspect or install the binary manually.
The skill could stop unrelated proxy software or change networking for other applications, causing outages or unexpected traffic routing.
The management commands force-kill any process named mihomo and modify Windows proxy settings, without limiting the action to this skill's own process or clearly requiring review.
pkill -9 mihomo ... Get-Process -Name "mihomo" -ErrorAction SilentlyContinue | Stop-Process -Force ... netsh winhttp set proxy
Track and stop only the skill's own PID, confirm before changing system proxy settings, and always show how to revert the change.
Anyone who can read the saved config may be able to reuse the user's proxy subscription or see proxy node details.
Proxy subscription URLs or Base64 subscriptions often contain account-specific tokens or node credentials, and the skill stores the decoded configuration locally.
Subscription link (URL) or directly provide a Base64-encoded subscription ... base64 -d > "$PROXY_SKILL_DIR/conf/config.yaml"
Use only trusted subscription links, avoid pasting credentials into unrelated chats, and protect the saved config file with appropriate local file permissions.
A malicious or untrusted subscription configuration could persistently redirect sensitive traffic through a proxy the user did not intend to trust.
The persistent proxy configuration controls future routing for AI/developer traffic and can be replaced by a subscription-provided config.
DOMAIN-KEYWORD,openai,代理 ... DOMAIN-SUFFIX,anthropic.com,代理 ... MATCH,代理
Review subscription sources and generated config before use, and periodically inspect the saved config for unexpected routing rules or nodes.
Users may be steered toward a particular paid network provider through the agent's apparent authority.
The skill embeds a recommendation and referral-style code for a specific paid proxy provider inside the setup flow.
Recommended proxy provider ... Invitation code: `1r2daq2s` ... Plans: from ¥15.8/month, only ¥169.8 when billed annually
Treat the provider recommendation as advertising, compare alternatives independently, and do not assume the recommended service is vetted by ClawHub.
The proxy service can continue running after the immediate request, affecting later network activity.
The skill creates an installation marker and starts the proxy as a background or hidden process.
nohup "$PROXY_SKILL_DIR/bin/mihomo" ... > "$PROXY_SKILL_DIR/logs/mihomo.log" 2>&1 & ... Start-Process ... -WindowStyle Hidden ... .installed
Use the documented close/reset commands when finished, and check running processes and proxy settings if network behavior seems unexpected.
