ClawHub

Web Fetch Fake-IP Workaround

v1.0.2

Legacy workaround for web_fetch fake-ip failures on older npm-global OpenClaw installs. Use when web_fetch is blocked under Clash, Mihomo, or Surge fake-ip m...

0· 145·1 current·1 all-time
byxingxing@xing-xing-coder

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for xing-xing-coder/web-fetch-fakeip.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Web Fetch Fake-IP Workaround" (xing-xing-coder/web-fetch-fakeip) from ClawHub.
Skill page: https://clawhub.ai/xing-xing-coder/web-fetch-fakeip
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install web-fetch-fakeip

ClawHub CLI

Package manager switcher

npx clawhub@latest install web-fetch-fakeip
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included script and instructions. The script searches the global OpenClaw install and inserts a single policy line into the web_fetch call — this is coherent with a legacy workaround for npm-global OpenClaw installs.
Instruction Scope
The SKILL.md and script explicitly instruct modifying files under the global openclaw package directory (searching for fetchWithWebToolsNetworkGuard and inserting a policy line). This is within the stated purpose, but it is an on-disk code modification that requires write permission and can affect runtime behavior — inspect the target file with the provided 'inspect' mode and keep the backups before applying.
Install Mechanism
No install step or external downloads are used. The workaround is delivered as an included shell script + embedded Node code, so nothing is fetched from external URLs during execution.
Credentials
The skill does not request credentials or external service keys. It optionally reads OPENCLAW_PKG_DIR (to locate the package) and uses npm / command-available lookups; this is appropriate for locating a globally installed package.
Persistence & Privilege
The skill does not request persistent inclusion and does not modify other skills/config beyond the OpenClaw package files. However, it performs permanent edits to installed package code (and writes backup files) — those changes persist until reverted or the package is upgraded. Running the script may require elevated filesystem permissions for global npm dirs.
Assessment
This skill appears internally consistent and contains no network exfiltration or secret access, but it edits installed OpenClaw JavaScript files — an impactful action. Before running: (1) run 'bash patch-openclaw-global-fakeip.sh status' and 'inspect' to verify the exact patch window and ensure the script targets the intended file; (2) ensure you have recent backups or let the script create them and confirm their presence; (3) avoid running as root unless you understand the implications — prefer running as the user that manages the OpenClaw install; (4) prefer the built-in openclaw.json config fix if your OpenClaw is v2026.4.10 or newer; (5) verify the script source/trust (no homepage provided; README points to a GitHub repo) if you need organizational assurance. If anything about the 'inspect' output looks unexpected, do not apply the patch.

Like a lobster shell, security has layers — review code before you run it.

latestvk9704a695zq88972sg0r9y5ygd84q9yc
145downloads
0stars
3versions
Updated 2w ago
v1.0.2
MIT-0
xingxing@xing-xing-coder
latest
Download

web_fetch Fake-IP Workaround

Apply a small, reversible patch so web_fetch works under TUN + fake-ip environments that resolve through 198.18.0.0/15.

Best fit

Use this skill when:

  • OpenClaw was installed with npm install -g openclaw
  • You use Clash, Mihomo, or Surge with fake-ip enabled
  • web_fetch fails with private/internal/special-use IP blocking
  • Your OpenClaw version is older than v2026.4.10
  • You need a legacy workaround because the config-based fix is unavailable

Not for

  • OpenClaw v2026.4.10 or later, use openclaw.json instead
  • Source-built OpenClaw
  • Certificate problems
  • Proxy rule or port mistakes
  • Missing proxy environment variables

What changes

The script finds the bundled web_fetch call to fetchWithWebToolsNetworkGuard({...}) and inserts:

policy: { allowRfc2544BenchmarkRange: true }, // openclaw-fakeip-patch

This only opens the RFC2544 benchmark range used by common fake-ip setups.

Workflow

bash patch-openclaw-global-fakeip.sh status
bash patch-openclaw-global-fakeip.sh inspect
bash patch-openclaw-global-fakeip.sh apply
openclaw gateway restart

Then retry the failing web_fetch request.

Revert

bash patch-openclaw-global-fakeip.sh revert
openclaw gateway restart

Notes

  • Safe to run repeatedly
  • Creates backup files on apply/revert
  • After OpenClaw upgrades, rerun if needed
  • On v2026.4.10+, prefer the built-in config fix instead of this patch

Resources

  • scripts/patch-openclaw-global-fakeip.sh
  • references/README.md

Comments

Loading comments...