Buy Taoflow VPN
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could rely on the skill's claimed official URL without an independent registry-level verification point.
The registry metadata does not provide an independent source or homepage, while the skill directs users toward a specific purchase domain.
Source: unknown; Homepage: none
Before paying, verify the Taoflow VPN domain through an independent trusted source.
The agent may help generate an order and payment address, so mistakes in plan, country, currency, or address could affect a purchase if the user proceeds.
API mode can create provider orders and present crypto payment details; this is purpose-aligned and includes a confirmation safeguard before payment-triggering actions.
POST /orders ... Create order and return pay_amount/pay_address/order_id to user. Require explicit user confirmation before any external payment-trigger action.
Confirm the plan, country, currency, amount, and payment address on the official site before sending funds.
If these secrets are exposed, someone else may be able to view or recover the order or use the VPN configuration.
The API flow uses order access tokens, recovery keys, and WireGuard configuration data that can grant access to order details or VPN connectivity.
GET /orders/{id} with Bearer access_token ... POST /orders/recover (with recovery_key) ... Fetch wg_configKeep access tokens, recovery keys, and WireGuard configs private; mask them in chat unless disclosure is absolutely necessary.