Back to skill
Skillv1.1.1
ClawScan security
YandexGPT Proxy · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 6, 2026, 1:37 PM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements, scripts, and instructions are consistent with a local OpenAI-compatible proxy to Yandex Cloud; nothing in the files indicates unexpected credential access or external data exfiltration.
- Guidance
- This skill appears to do what it claims: it runs a local Node proxy that forwards OpenAI-format requests to Yandex Cloud using your YANDEX_API_KEY and YANDEX_FOLDER_ID. Before installing or running: 1) Confirm you trust the skill source (homepage is missing). 2) Inspect ~/.openclaw/yandexgpt.env after creation and set permissions so the API key isn't world-readable. 3) Review scripts/patch-config.sh — it will modify your openclaw.json; back that file up first. 4) The proxy only listens on 127.0.0.1 by default, and network calls are made only to llm.api.cloud.yandex.net, so there is no obvious exfiltration path beyond Yandex. If you need higher assurance, audit src/proxy.js and run the service in a restricted account or container.
Review Dimensions
- Purpose & Capability
- okName/description (OpenAI-compatible proxy for YandexGPT) match the declared env vars (YANDEX_API_KEY, YANDEX_FOLDER_ID), required binaries (node, curl), and the code which translates OpenAI-format requests to Yandex Cloud Foundation Models API calls.
- Instruction Scope
- noteSKILL.md and scripts instruct creating ~/.openclaw/yandexgpt.env, starting a local proxy on 127.0.0.1:8444, and running a script that patches the user's OpenClaw config (~/.openclaw/openclaw.json). These actions are expected for integration, but the patch-config script will modify the user's openclaw.json — review before running.
- Install Mechanism
- okThis is instruction/code-only (no network install). All files are bundled with the skill; there is no download-from-URL or archive extraction. Scripts are simple shell wrappers and the proxy is pure Node.js.
- Credentials
- okOnly YANDEX_API_KEY and YANDEX_FOLDER_ID (and optional YANDEX_PROXY_PORT) are required; these directly correspond to calling Yandex Cloud APIs. The declared primaryEnv is appropriate and no unrelated credentials are requested.
- Persistence & Privilege
- okalways is false and the skill does not request persistent elevated privileges. It writes an env file under ~/.openclaw and uses /tmp for PID/logs; it will modify openclaw.json only if you run the provided patch-config script.