ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Localhost Bridge

v2.0.0

Bridge Docker containers to host localhost services via socat. Solves the #1 networking issue in containerized AI agent deployments: containers can't reach s...

0· 401·0 current·0 all-time
byErwan Lee Pesle@superworldsavior
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
SKILL.md clearly requires sudo, Docker daemon access, and the socat package to create systemd services and UFW rules on the host. The registry metadata (required binaries/env/config) lists none of these requirements, creating an incoherence between what the skill claims to need and what it actually instructs an admin to do.
Instruction Scope
The runtime instructions are explicit and scoped to the stated purpose (bind socat to a Docker bridge IP, add a scoped UFW rule, create a systemd unit). The doc repeatedly warns that an administrator must review the generated unit and firewall rules before enabling them.
Install Mechanism
This is an instruction-only skill with no install spec or code files — nothing is downloaded or written by the skill itself beyond what an admin runs. That minimizes code-distribution risk.
!
Credentials
The actions require host-level privileges (sudo to write systemd units, modify UFW) and Docker daemon access. Those privileged requirements are reasonable for the described task but are not declared in the registry metadata, which understates the level of credential/privilege access needed.
!
Persistence & Privilege
The setup creates persistent system changes (systemd service + UFW rule) which affect host networking. While always:false is correctly set, the platform metadata also allows agent invocation by default; because the SKILL.md warns it must not be run autonomously, there is a policy mismatch — ensure automated agents are NOT given sudo/host access before enabling.
What to consider before installing
This skill appears to implement what it claims (using socat + firewall + systemd to let containers reach host-local services), but it requires high privileges and makes persistent host network changes — do not let an agent run it autonomously. Before installing or following the instructions: (1) only run these commands as a trusted administrator on a controlled host; (2) manually inspect the generated /etc/systemd/system/socat-*.service ExecStart line and confirm it binds only to the intended Docker bridge IP (never 0.0.0.0); (3) inspect the UFW rule and bridge interface name before enabling it; (4) test from inside a container and verify the port is NOT reachable from the public network; (5) prefer documented alternatives (host networking or a scoped privileged container) if you cannot safely manage sudo/systemd/UFW; and (6) ask the skill publisher to update registry metadata to explicitly list required binaries/privileges (sudo, docker, socat) so the privilege requirements are transparent. If you want higher confidence, request an explicit example unit and firewall rule for your environment and confirm there are no steps that would open services to the public internet.

Like a lobster shell, security has layers — review code before you run it.

latestvk976mmvzcgmnhfdzp5dxmmxzms81z4nz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments