Clash VPN

The skill is designed to manage Clash VPN, operating with implied root privileges (config in `/root`, binary in `/usr/local/bin`). The `scripts/clash-vpn.sh` script directly writes user-provided configuration content (read from stdin) to `/root/.config/clash/config.yaml`. This creates a significant Remote Code Execution (RCE) vulnerability risk, as Clash configurations can include features like `script` rules or `external-controller` settings that could be exploited by a malicious user providing a crafted configuration through the agent. While the skill's intent is functional, the direct writing of unsanitized user input to a sensitive, executable configuration file with root privileges makes it highly suspicious.