Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Oskill Proxy
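v1.0.0
Android component invocation proxy. Starts Activities, starts Services, sends Broadcasts, and operates on ContentProviders on an Android device through a local HTTP API. Use this tool to make the call when you cannot execute Android Intents or component calls directly (for example, in a Termux environment).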
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description and SKILL.md consistently describe a local HTTP proxy for invoking Android components (Activity, Service, Broadcast, ContentProvider). There are no unrelated binaries or unrelated environment variables requested. However, the skill's source/homepage is unknown, which reduces trust in the provider.
Instruction Scope
Runtime instructions direct the agent to POST JSON to a local HTTP API (127.0.0.1:8726) to perform powerful actions (start activities/services, send broadcasts, read/modify ContentProviders). These actions are consistent with the declared purpose but are highly privileged on-device operations. The SKILL.md also embeds a config block with a token and baseUrl: the skill requires an Authorization header but the token is not declared in the registry metadata — this inconsistency and the inclusion of a hard-coded token are concerning.
Install Mechanism
Instruction-only skill with no install spec or code files; no downloads or on-disk installs are declared (lower install risk).
Credentials
No environment variables or credentials are declared, yet the API requires an Authorization: Bearer <token>. The SKILL.md includes a hard-coded token in its config section which is not represented in requires.env. The skill's operations can access sensitive device data (ContentProviders) and perform state-changing actions; the lack of explicit, proportionate credential declarations and the embedded token are red flags.
Persistence & Privilege
always is false, and there are no requests to modify other skills or global agent settings. The skill can be invoked autonomously (normal default) but it does not request permanent inclusion or system-wide config changes.
What to consider before installing
This skill is coherent with its stated purpose (controlling Android components via a local HTTP proxy), but exercise caution before installing:
1) The SKILL.md contains a hard-coded token and the skill metadata does not declare required credentials. Treat that token as potentially sensitive and avoid using default tokens.
2) The proxy can read and modify ContentProviders and start components. These are powerful, privacy-sensitive actions; only enable the skill on devices and apps you trust.
3) Verify the OSkillProxy app's origin (APK/package) and confirm the token and baseUrl from the actual app UI rather than relying on embedded defaults.
4) If you proceed, restrict network access to localhost, rotate/replace the token, and limit the agent's permission to call these endpoints unless absolutely necessary.
latest vk972m5qk985gj7g6djam4tyrzn8338bz
