Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ProxyBase
v1.0.12Purchase and manage SOCKS5 residential proxies via ProxyBase API with cryptocurrency payments. Supports order creation, payment polling, proxy delivery, band...
⭐ 1· 481·2 current·2 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the observed behavior: the scripts call the ProxyBase REST API, create orders, poll payments, deliver SOCKS5 credentials, and support top-ups/rotation. Declared binaries (curl, jq) are exactly what the scripts use; required env vars (PROXYBASE_API_URL and PROXYBASE_API_KEY) are appropriate for a REST API client.
Instruction Scope
SKILL.md and the scripts stay within the proxy purchase/management scope. Two items to be aware of: (1) the skill performs a zero‑config 'register' POST the first time it runs and writes the returned API key into {baseDir}/state/credentials.env (automatic account creation may be surprising); (2) the skill can inject proxy settings into your OpenClaw gateway/systemd service and restart it, which changes system/network behavior beyond simple API calls.
Install Mechanism
Install spec only recommends installing jq via Homebrew; no external downloads or archive extraction are used. This is low-risk and proportionate for an instruction+script skill that relies on jq.
Credentials
Only PROXYBASE_API_URL (configurable) and PROXYBASE_API_KEY (primary credential) are required. No unrelated secrets or system-wide credentials are requested. The skill stores the API key in its own state directory (credentials.env).
Persistence & Privilege
always:false (normal). The skill writes state files under its own {baseDir}/state directory and uses file-locking there. It does, however, provide an 'inject-gateway' action that edits the user's OpenClaw gateway systemd config and restarts the gateway — this grants it the ability to route all agent traffic through the purchased proxy, which is functionally required for 'global injection' but is a privileged, system-impacting action the user should explicitly approve.
Assessment
This skill appears to do what it says: it contacts api.proxybase.xyz to register an agent (auto-register on first run), create crypto payment invoices, poll confirmations, and write SOCKS5 credentials to {baseDir}/state/.proxy-env or inject them into your OpenClaw gateway. Before installing: 1) Verify you trust https://proxybase.xyz and are OK with the skill creating an agent/account and storing the returned API key under the skill's state directory. 2) Be cautious about using the 'inject-gateway' feature — it will modify your OpenClaw gateway/systemd configuration and restart the gateway, causing all agent network traffic to flow through the purchased proxy (this may expose sensitive requests to the proxy operator). 3) Review the state directory (credentials.env, .proxy-env, orders.json) and backup/remove keys you don't want persisted. 4) If you require stronger control, run commands manually (use the scripts without enabling automated injection/cron) and confirm each payment/address before sending crypto. The test harness references a helper (lib/common.sh) that isn't present in the manifest; this looks like a minor test packaging issue, not malicious behavior.Like a lobster shell, security has layers — review code before you run it.
latestvk970vb4rn85xez31akb4wh98fh833136
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🌐 Clawdis
Binscurl, jq
EnvPROXYBASE_API_URL
Primary envPROXYBASE_API_KEY
Install
Install jq (brew)
Bins: jq
brew install jq