Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
mihomo-proxy
v1.0.0管理 mihomo (Clash Meta) 代理服务。当用户需要配置、更新、重启代理、切换节点、更新订阅或排查代理连接问题时使用。适用于已有 mihomo 二进制和配置的 Linux 服务器。
⭐ 0· 45·0 current·0 all-time
by@lflyice
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill's name, description, SKILL.md and included script align with managing mihomo and generating config from subscription feeds. However the package metadata declares no required binaries while the instructions and script clearly expect systemctl, curl, and node (and an existing /opt/mihomo binary and /opt/mihomo-config path). The missing declared runtime dependencies is an inconsistency users should note.
Instruction Scope
Instructions and the script operate within the expected domain (download subscription, parse nodes, write /opt/mihomo-config/config.yaml, restart mihomo). However the script runs a shell curl via execSync using the user-supplied subscription URL inside a template literal: execSync(`curl -sL '${subUrl}' -o ${SUB_FILE}`); this is susceptible to shell/command injection if the URL contains crafted characters (e.g., single quotes or shell metacharacters). The skill also causes writes to system paths and restarts systemd services — expected for this purpose but high-privilege actions that should be run only with trusted inputs and appropriate privileges.
Install Mechanism
This is an instruction-only skill with no install spec, which is low risk for supply-chain installs. But it requires a node runtime to run scripts and curl/systemctl to be present; those runtime requirements are not declared in the metadata.
Credentials
The skill requests no credentials or environment variables and does not attempt to read unrelated secrets. It does read /tmp/sub_raw.txt and write /opt/mihomo-config/config.yaml and assumes permission to restart the mihomo service — these filesystem and service accesses are proportional to managing a local proxy service.
Persistence & Privilege
The skill is not marked always:true and does not request permanent platform-level presence. It writes a configuration file and restarts the mihomo systemd service (expected behavior for this purpose) but does not modify other skills or global agent settings.
What to consider before installing
This skill appears to do what it says (generate mihomo config from a subscription and manage the service), but proceed carefully: 1) It requires node, curl, and systemctl though the metadata doesn't declare them — ensure those are present and you understand why. 2) The included script executes curl via a shell command using the provided subscription URL without sufficient escaping, creating a command-injection risk if the URL is maliciously crafted. Only use subscription URLs from trusted providers and avoid copying untrusted links. 3) The skill writes to /opt/mihomo-config/config.yaml and restarts systemd services, so it needs appropriate privileges; back up your existing config before running. 4) If you plan to use this, consider reviewing or patching scripts: replace execSync with a safe HTTP client (e.g., node https/axios or child_process.execFile) or properly sanitize/escape the URL, and run the tool as a non-root user or in a sandbox. 5) If you are not comfortable auditing or patching the code, treat the skill as potentially dangerous and avoid installing it on production systems.scripts/gen_config.js:91
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk976ze76hh0s1jb8a794qctnns84gfzn
License
MIT-0
Free to use, modify, and redistribute. No attribution required.