ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

proxy auto config

v1.0.0

自动检测和配置系统代理设置,特别为 OpenClaw Gateway 优化。使用场景包括:1) Gateway 启动时自动检测代理,2) 自动配置环境变量,3) 创建代理启动脚本,4) 定时检查代理状态,5) 支持 v2ray、Clash、SS/SSR 等常见代理工具。当系统使用代理网络环境时自动触发。

0· 68·0 current·0 all-time
byMaiiNor@rutianze
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description match the code: scripts detect environment proxies, running proxy processes, listening ports, read proxy config files, write proxy config and Gateway updates, and create start hooks. The requested capabilities are coherent with a proxy auto-config skill.
!
Instruction Scope
The runtime instructions and install script instruct the agent/user to read many user files (~/.bashrc, ~/.zshrc, various app config paths on the user's home), detect processes/ports, and write configuration under ~/.openclaw, ~/.local/bin and ~/.config/systemd/user. These actions are within the stated purpose but are broad in scope: the skill will parse arbitrary user config files (which may contain credentials), and it writes files and hooks that will be executed automatically. Also, scripts set NODE_TLS_REJECT_UNAUTHORIZED=0 and clear REQUESTS_CA_BUNDLE in generated environment — this disables TLS verification for Node (and may affect Python requests behavior), which is a security risk unrelated to simply 'detecting proxies'.
Install Mechanism
No external install spec (instruction-only + included scripts). The bundle includes a venv folder (pyvenv.cfg) which is unusual but not itself executable. Because code is included, installation runs local Python scripts which will write files and run system commands (crontab, systemctl). No remote downloads were observed in the provided files.
!
Credentials
The skill does not request credentials explicitly, which is appropriate. However it scans many user config paths (shell rc files and app config files) and will persist discovered proxy URLs (which can include credentials) unencrypted under ~/.openclaw/proxy_config and in generated startup scripts. It also sets NODE_TLS_REJECT_UNAUTHORIZED=0 and clears REQUESTS_CA_BUNDLE in generated scripts—these environment changes weaken TLS security system-wide for processes using those env vars.
!
Persistence & Privilege
The install script creates persistent artifacts: cron jobs (via crontab), a Gateway hook (~/.openclaw/gateway_proxy_hook.sh), a wrapper script in ~/.local/bin, systemd user service/timer files and attempts to enable/start them. Of particular concern: the installer writes a temporary cron file and invokes 'crontab <file>' — this will replace the user's entire crontab rather than append, which can silently remove unrelated scheduled jobs. Creating persistent hooks and timers is consistent with the feature but raises privilege/persistence concerns the user should review.
What to consider before installing
This skill appears to implement proxy detection and Gateway integration as advertised, but you should NOT install it blindly. Before installing: 1) Review the scripts yourself (or run them in a safe VM/container) — they will read shell and app config files and may capture proxy URLs that include credentials. 2) Backup your crontab (crontab -l > cron.bak) because the installer calls 'crontab <file>' which will replace your crontab entries. 3) Note the installer creates systemd user timers and a wrapper script (~/.local/bin/openclaw-proxy) and a Gateway hook; be prepared to remove those if unwanted. 4) The scripts set NODE_TLS_REJECT_UNAUTHORIZED=0 and clear REQUESTS_CA_BUNDLE in generated env scripts — this disables TLS certificate validation for Node (and may weaken Python requests). Remove or change those lines before using if you care about TLS integrity. 5) If you want reduced risk, modify the installer to (a) append to crontab instead of replacing it, (b) avoid automatically enabling systemd timers, and (c) do not globally disable TLS verification. 6) If unsure, test in an isolated account or VM first and inspect any saved proxy configuration files (~/.openclaw/proxy_config/) for embedded credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk9709dt43xkhz9jk0qytf5hjd983vvd4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments