V2rayn
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill is coherent with managing V2RayN, but users should notice the optional cron-based background check, local V2RayN config access, and restart commands.
This skill appears safe for its stated V2RayN management purpose, but do not add the cron job or run restart commands unless you want that behavior. Review any output from V2RayN config or logs before sharing it, because proxy node names and configuration details can be sensitive.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed, the check script would keep running every 30 minutes, testing the proxy and writing local logs.
This is a disclosed recurring background task for health checks; it is purpose-aligned, but it persists until the user removes it.
Create a cron job: */30 * * * * /path/to/check_v2rayn.sh
Only add the cron job after explicit user approval, use a reviewed script path, and document how to disable or remove it.
The agent may access local proxy configuration information while listing or checking nodes.
The skill reads local V2RayN node configuration, which may include sensitive proxy connection details, although the shown commands only print node names/status fields.
MAIN_CONFIG="$CONFIG_DIR/guiNConfig.json" ... servers = d.get('vmess',[]) + d.get('vless',[]) + d.get('trojan',[])Avoid exposing full configuration contents; keep outputs limited to non-secret fields such as node names and status.
Running the restart command may temporarily break or change the user's proxy/network behavior.
The skill documents commands that can terminate and restart the local proxy client; this fits the troubleshooting purpose but can interrupt connectivity.
pkill -f v2rayN open /Applications/v2rayN.app
Ask before running restart or process-kill commands, and show the exact command to the user first.
Local logs may retain a history of proxy health checks and node names until deleted.
The health-check script stores persistent local logs containing proxy status and current node names.
LOG_FILE="$HOME/.openclaw/logs/v2rayn_check.log" ... log "✅ Node is working: $(get_current_node)"
Keep the log file local, protect it with normal user permissions, and delete or rotate it if node names or usage history are sensitive.
A user might expect automatic failover even though the provided implementation mainly detects failure and alerts the user.
The overview claims automatic recovery, but the provided script only logs manual recovery steps when a node fails.
This skill automatically: ... update subscription ... Select a new working node ... log "Please manually:"
Treat the cron script as a health alert unless real, reviewed failover logic is added; update the documentation to match the actual behavior.