Adblock Dns
WarnAudited by ClawScan on May 10, 2026.
Overview
The skill has a coherent DNS ad-blocking purpose, but it asks users to run unavailable privileged scripts as a boot-starting root DNS service that logs network DNS activity.
Treat this as a review-required install. The idea is reasonable for a DNS ad blocker, but do not run the setup until the referenced scripts and server code are available and inspected. If you proceed, confirm the service file, restrict the stats API to localhost, understand the DNS logs it stores, and know how to stop and remove the systemd service.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user would be asked to run code that is not included in the reviewed skill package, potentially with root privileges.
Only SKILL.md is present, but the instructions reference setup.sh and dns-server.js for privileged operation, so the runnable implementation and dependency behavior are not reviewable.
1 file(s): SKILL.md (5813 bytes)
Do not run the setup commands until the referenced scripts and server code are present, inspectable, and from a trusted source.
If the referenced code is unsafe, it could make privileged system changes or affect the machine beyond DNS blocking.
The skill requires sudo/root authority and installs a root service, which is high-impact authority for an instruction-only package whose implementation is not supplied.
Create a systemd service (runs as root, starts on boot, auto-restarts) ... The user will need to enter their sudo password once during setup.
Require explicit user approval, review the service file and server code first, and prefer least-privilege operation where possible.
The DNS service may continue affecting network traffic until explicitly stopped or removed.
Persistent operation is expected for a DNS server, but users should notice that it keeps running after setup and automatically restarts.
runs as root, starts on boot, auto-restarts
Verify the systemd service configuration and know how to stop, disable, and remove it before installation.
The service could create a sensitive local record of network activity, and it is unclear who or what can read the stats API.
DNS query logs and statistics can reveal browsing and app activity across all devices using the server, but retention and API access controls are not described.
All queries are logged with stats ... Start a stats API on port 8053 ... data/stats.json - Query statistics
Clarify what is logged, where it is stored, how long it is retained, and whether the stats API is bound to localhost and protected.
An incorrect whitelist or blacklist change could break websites or reduce blocking for devices using this DNS server.
The skill exposes local API commands that mutate DNS allow/block behavior and update lists; these actions are purpose-aligned but can affect multiple devices.
curl -s -X POST http://localhost:8053/whitelist/add ... curl -s -X POST http://localhost:8053/blacklist/add ... curl -s -X POST http://localhost:8053/update
Confirm the exact domain and intended effect with the user before changing allow/block lists or forcing updates.