ClawHub

cloudbypass

Use Cloudbypass API (穿云API/穿云) to fetch pages protected by Cloudflare/Turnstile/JS challenge. Use when normal requests fail with challenge/403 and compliant...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 201 · 0 current installs · 0 all-time installs
by@chuanchuan007
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the implementation: the code calls api.cloudbypass.com and requires an API key (CLOUDBYPASS_APIKEY) and an optional proxy for v2/v2s. No unrelated services, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs use of the bundled script and documents the required env vars and network target (api.cloudbypass.com). The script uses a few environment variables (CLOUDBYPASS_APIKEY, CLOUDBYPASS_PROXY, CLOUDBYPASS_PART, CLOUDBYPASS_SITEKEY and CLOUDBYPASS_MODE). SKILL.md documents the first four but does not mention CLOUDBYPASS_MODE (used only as a default selection), which is a minor omission. The instructions explicitly warn about legal/ethical use and that the API key will be sent to the external Cloudbypass service.
Install Mechanism
There is no install spec — this is an instruction-only skill with a bundled JS implementation. Nothing is downloaded or executed from arbitrary external URLs during install.
Credentials
Only an API key and (for some modes) a proxy and optional site/partition identifiers are requested, which are proportionate to a remote anti-bypass service. No unrelated SECRET/TOKEN/PASSWORD environment variables or cloud credentials are requested.
Persistence & Privilege
The skill does not request always:true, does not alter other skills' configuration, and has no special persistence or system-wide privileges.
Assessment
This skill is internally coherent, but before installing consider: (1) you will be sending your CLOUDBYPASS_APIKEY to api.cloudbypass.com — ensure you trust that service and understand billing/usage; (2) using bypass tools may violate a target site's terms of service or local law — confirm legal/ethical permission before use; (3) for V2/V2S you must supply a proxy (CLOUDBYPASS_PROXY); (4) rotate and monitor the API key and limit its scope where possible; (5) review network egress policies if running in sensitive environments. If you need more assurance, request the author's provenance/homepage or an independent security review of the Cloudbypass service.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.0.5
Download zip
latestvk97ba4bz7hgppcvev36bzx87js828fw9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Use the bundled script to call Cloudbypass API.

  • Script: {baseDir}/scripts/cloudbypass_request.js

Required env:

  • CLOUDBYPASS_APIKEY (required)
  • CLOUDBYPASS_PROXY (required for V2/V2S)
  • CLOUDBYPASS_PART (optional, default: 0)
  • CLOUDBYPASS_SITEKEY (optional)

Security / usage notes:

  • API key is sent to api.cloudbypass.com to perform requests and may incur billing.
  • Review legal/ethical permissions before bypassing site protections.
  • For autonomous usage, scope targets and monitor/rotate keys.

Quick usage

const skill = await openclaw.getSkill('cloudbypass');

// V1 (simple)
const r1 = await skill.get('https://example.com');

// V2 (challenge-heavy; proxy required)
const r2 = await skill.requestV2({
url: 'https://example.com',
proxy: process.env.CLOUDBYPASS_PROXY
});

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…