Skill v3.0.0
ClawScan security
searxng-auto-proxy (searxng adaptive proxy detection) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 21, 2026, 7:37 AM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill mostly matches its stated purpose (adaptive proxy for SearXNG) but contains multiple inconsistencies (missing/mismatched files, docs vs runtime differences, and surprising filesystem defaults) that warrant caution before installing or running it.
- Guidance: This package implements an adaptive proxy monitor for SearXNG and generally fits its description, but there are several red flags you should address before installing:
  - (1) The bundle appears incomplete or inconsistent: documentation references many modules, CLI commands, and tests that are not present in the file list. Expect the provided adapter.py to be only part of the claimed system.
  - (2) Default file paths are under /root/.openclaw and logs/caches will be written there; avoid running it as root or on a production host until you review/adjust paths.
  - (3) SKILL.md and code disagree about config locations and environment variables (e.g., SEARXNG_SECRET_KEY, CLASH_API). Verify which variables the running code actually reads and do not paste secrets into examples until confirmed.
  - (4) The start script backgrounds the process; run interactively first to observe behavior.
  - (5) The adapter performs outbound HTTP requests (probing search engines) and will call your local Clash API; run in an isolated environment (container or VM) if you want to test safely.
  - (6) If you lack the missing modules/CLI, expect runtime errors; inspect adapter.py fully for any network callbacks or hidden endpoints before use.

  If you want, I can: (a) diff the full adapter.py to show exactly which env vars/paths it uses, (b) search the code for any network endpoints beyond the documented ones, or (c) suggest minimal config changes to run it safely in a container.
Review Dimensions
- Purpose & Capability (note): The code and docs implement an adaptive proxy/optimizer for SearXNG and Clash which is coherent with the skill name. However there are mismatches: SKILL.md claims v4.0.0 while registry and adapter header are v3.0.0; the documentation references many modules (ml_predictor, engine_manager, web_panel, tests) that are not present in the provided file list (only adapter.py and start-adapter.sh). The README/commands reference a CLI 'searxng-proxy' and a Python package import path (skills.searxng_auto_proxy) that are not provided. These inconsistencies mean the delivered bundle is incomplete or the docs are stale.
- Instruction Scope (concern): SKILL.md instructs running Docker containers and a CLI and exposes environment variables and config file locations, but adapter.py uses different default paths (e.g. /root/.openclaw/searxng/proxy-rules.yml, /root/.openclaw/logs/...). The docs suggest config at /etc/searxng/auto-proxy.yaml and environment vars like SEARXNG_SECRET_KEY, but the skill's declared requirements list none. The adapter will probe external URLs (google, github, etc.) and will read/write cache/log files under /root/.openclaw. This behaviour is expected for a proxy monitor, but the instructions also tell the agent to run commands that don't exist in the bundle (searxng-proxy) and to import modules that are missing, giving the agent broad discretion without the matching code.
- Install Mechanism (note): There is no automated install spec (instruction-only), which reduces installer risk. However the package includes executable code (adapter.py) and a start script that uses nohup to background the process. Because the skill will be run from source, the usual risks of executing third-party Python code apply. Dependencies listed in requirements.txt (requests, numpy, pyyaml) are reasonable for the described ML/polling tasks but numpy is a heavier dependency than strictly necessary for simple probing and suggests additional functionality not present in the provided files.
- Credentials (concern): Registry metadata declares no required environment variables, but SKILL.md and adapter.py expect and use configuration via environment variables and config files (CONFIG_FILE, LOG_FILE, CLASH_API, CACHE_FILE; SKILL.md documents SEARXNG_URL/SECRET_KEY, CLASH_HOST/PORT, etc.). The adapter writes to and reads from paths under /root/.openclaw by default, which gives it filesystem access to those locations and could overwrite other data. No explicit secret-scoped variables are enforced by the registry, yet the docs reference a SearXNG secret key. This mismatch is noteworthy and potentially risky if users are prompted to supply secrets without clear gating.
- Persistence & Privilege (note): The skill does not request always:true and is user-invocable only (normal). The included start-adapter.sh backgrounds the adapter (nohup ...) and adapter.py is designed as a long-running background service that reads/writes persistent cache and log files under /root/.openclaw. Running as a service is expected for this function, but you should be aware it will create persistent files and a background process; the default paths target root-owned locations which may require elevated privileges.
