ClawHub

mihomo-deploy-skill

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed deployment helper for running a persistent mihomo proxy service, with operational risks users should review before running it.

Install only if you intend to run a persistent proxy service on a Linux server. Prefer the default 127.0.0.1 controller with SSH tunneling, use a strong secret, back up config.yaml before patching, protect the provider config, and consider pinning or verifying upstream downloads before running them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue AgentSelf-Modification, Session Persistence
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger text is very broad and can auto-select this skill for generic 'proxy service' or subscription-config requests, even when the user did not ask to deploy mihomo specifically. That increases the chance of unintended execution of network downloads, config changes, and service installation on a server in contexts where a narrower, safer skill should have been used.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill tells the agent to modify the user's config.yaml in place and even offers fragile sed-based editing, but it does not require a backup or a prominent warning that the original file will be overwritten. This can destroy provider-specific settings or corrupt YAML, causing service failure or loss of the original subscription configuration.

Session Persistence

Medium
Category
Rogue Agent
Content
```bash
systemctl --user daemon-reload
systemctl --user enable mihomo
systemctl --user start mihomo
```
Confidence
92% confidence
Finding
systemctl --user enable

Session Persistence

Medium
Category
Rogue Agent
Content
grep -q "^secret:" "$CONFIG" && sed -i "s/^secret:.*/secret: 'your-secret'/" "$CONFIG" || echo "secret: 'your-secret'" >> "$CONFIG"
```

## Step 7: Create systemd User Service

Create `~/.config/systemd/user/mihomo.service`:
Confidence
90% confidence
Finding
Create systemd User Service Create `~/.config/systemd/user/mihomo.service`: ```bash cat > ~/.config/systemd/user/mihomo.service << 'EOF' [Unit] Description=Mihomo Daemon (User Level) After=network.t

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal