Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Anyone Procotol Proxy
v0.1.0This skill enables IP address masking and accessing hidden services on the Anyone Network. Route requests through the Anyone Protocol VPN network using a local SOCKS5 proxy.
⭐ 0· 2.6k·3 current·3 all-time
by@ra3ka
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description, the declared dependency (@anyone-protocol/anyone-client in SKILL.md), and the runtime instructions all align: the skill's purpose is to run a local SOCKS5 proxy that routes traffic through the Anyone Network, and the SKILL.md shows how to install and start that client.
Instruction Scope
The SKILL.md instructs the agent/operator to install an npm package globally and to start a local SOCKS5 proxy that 'persists across requests.' Running such a proxy allows arbitrary traffic (including potentially sensitive agent data) to be routed through the Anyone Network. The instructions do not require or request unrelated local files or credentials, but they do give broad discretion to route traffic and persist the proxy, which could be abused if the package or network is malicious or misconfigured.
Install Mechanism
There is no formal install spec in the registry entry; instead the SKILL.md tells you to run npm install -g and npx for @anyone-protocol/anyone-client. Installing and executing code from npm is a moderate-risk operation because packages can include arbitrary code and postinstall hooks. The SKILL.md does not pin a version, provide checksum/integrity, or point to a verified source repo for the package.
Credentials
The skill does not request environment variables, system config paths, or unrelated credentials. The requested capability (a network proxy) does not require additional secrets in the metadata provided.
Persistence & Privilege
always:false (normal). However the instructions state the proxy 'persists across requests' once started. While the skill does not request always:true or system-level config changes, a persistent proxy can change the agent's network behavior long-term. Autonomous invocation is allowed by default (disable-model-invocation:false), which combined with a persistent proxy increases the blast radius if the package or network is malicious.
What to consider before installing
This skill is coherent with its stated purpose (running an Anyone Network SOCKS5 proxy) but it requires installing and running an unvetted npm package that will route traffic through a third‑party anonymity network. Before installing or running it: 1) Verify the package's source — check the package on npm, its GitHub repository, maintainers, recent releases, and issues; 2) Prefer installing in an isolated environment (container, VM, or sandbox) rather than globally on your machine or host that runs agents; 3) Pin to a specific package version and, if possible, verify integrity (checksums); 4) Audit the package code (especially install/postinstall scripts) or rely on a vetted mirror; 5) Understand that once running, the proxy can carry any agent traffic (including secrets if you don't restrict what gets routed) — do not route sensitive requests until you trust the client/network; 6) Consider logging/monitoring network usage and starting the proxy manually under your control rather than letting the agent start it automatically. If you cannot verify the package and its maintainers, treat this skill as high-risk and avoid installing it on production or privileged hosts.Like a lobster shell, security has layers — review code before you run it.
anyonevk97dx2jkayz4a0mec0y8ywp751802tjbanyone-protocolvk97dx2jkayz4a0mec0y8ywp751802tjblatestvk97dx2jkayz4a0mec0y8ywp751802tjbproxyvk97dx2jkayz4a0mec0y8ywp751802tjb
License
MIT-0
Free to use, modify, and redistribute. No attribution required.