ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Proxy Cn

v1.0.0

在中国大陆或受限网络环境下,为访问 GitHub、OpenAI、npm、PyPI、Docker Hub 等境外服务自动或按需注入 http_proxy / https_proxy / ALL_PROXY(本地 SOCKS5 + HTTP 端口)。 在用户需要执行 curl、git、npm、pip、docker p...

0· 57·0 current·0 all-time
by@clawkk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (inject local http/socks proxy env vars for outbound commands) aligns with required binaries (bash) and the provided Bash scripts. However, the SKILL.md/README reference Windows PowerShell scripts (proxy.ps1, proxy-env.ps1) that are not present in the package, and skill.json reports a different version than the registry metadata—small but relevant mismatches.
!
Instruction Scope
Runtime instructions are narrowly scoped to checking local proxy availability and setting environment variables or exec'ing the user command. That is appropriate. Concern: the docs instruct using proxy.ps1 / proxy-env.ps1 on Windows, but those files are not included; an agent following those instructions on Windows would fail or may attempt alternative actions. The scripts call exec "$@" which intentionally runs the user-supplied command under the injected environment—expected for the purpose but worth noting because it executes arbitrary commands.
Install Mechanism
No install spec. The skill is instruction-first with small included shell scripts; nothing is downloaded or written by an installer. This is low-risk from an installation perspective.
Credentials
The skill requests no credentials or sensitive environment variables. Optional PROXY_* variables are reasonable for configuration. The scripts only set proxy-related env vars and a no_proxy list.
Persistence & Privilege
always:false and no install are good. The skill allows the agent to exec commands (normal for a wrapper). Because model invocation is permitted (platform default), an autonomous agent could invoke this skill to run commands that perform network access via the user's proxy—this is expected but the user should be aware.
What to consider before installing
This skill's core functionality is coherent and low-risk: it sets local proxy environment variables and runs the requested command. Before installing or using it, check the following: 1) The package references Windows PowerShell scripts (proxy.ps1, proxy-env.ps1) but they are not included—if you need Windows support, request or inspect those files first. 2) Metadata mismatch: registry version (1.0.0) vs skill.json (1.1.0) is a minor inconsistency—confirm the source. 3) Inspect the included proxy.sh and proxy-env.sh locally (they are short and readable) to verify no unexpected network endpoints or telemetry. 4) Ensure a local proxy client (Clash/V2Ray/etc.) is actually running on the expected ports before using the skill. 5) Be mindful that when the agent or you use this wrapper it will exec arbitrary commands under the proxy environment—avoid running commands containing sensitive credentials unless you trust your local proxy and network. If you plan to use this on Windows, request the missing PowerShell scripts or run the Bash route in WSL/Git Bash instead.

Like a lobster shell, security has layers — review code before you run it.

latestvk97729f15c5jgvtmhqb8rprz4984f8jt

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsbash

Comments