Skill v1.0.0
ClawScan security
Agent Proxy Guardian · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 4, 2026, 7:41 AM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill claims autonomous proxy/VPN rotation for bypassing geo-locks and rate limits but provides no implementation, credentials, or install details — that mismatch is concerning and unexplained.
- Guidance: This skill description promises network-evasion functionality but provides no code, install steps, or credentials — that mismatch is a red flag. Before installing or enabling this skill: 1) ask the author for source code or a trusted package link, a clear install spec, and the exact credentials/config it needs; 2) verify where proxy/VPN endpoints come from and whether they are legal and contract-compliant (bypassing geo-locks or rate limits can violate terms or laws); 3) require minimal, scoped credentials (and never supply admin/system-level secrets); 4) avoid granting autonomous invocation or network configuration privileges until the implementation is reviewed; and 5) prefer skills with a verifiable homepage, repo, and explicit dependency list. If the author cannot provide those, do not install the skill.
Review Dimensions
- Purpose & Capability (concern): The name and description promise network-level proxy/VPN rotation and interaction with exchanges/Web3, but the package declares no binaries, no install steps, no credentials, and no code. Performing the claimed actions would require proxy/VPN endpoints, credentials, or client software — none are declared.
- Instruction Scope (concern): SKILL.md is largely descriptive and provides only a single usage example (npx openclaw skill run ...) with no concrete runtime instructions for acquiring proxies, authenticating to VPNs, or safely performing rotations. The instructions are vague and grant broad, unspecified discretion to the agent.
- Install Mechanism (note): This is instruction-only with no install spec or code files, which reduces immediate supply-chain risk. However, the usage example references 'npx', implying a Node package that is not present — another inconsistency.
- Credentials (concern): The skill's purpose implies needing sensitive credentials (proxy providers, VPN accounts, or exchange API keys) and network privileges, yet requires no environment variables or config paths. Absence of declared secrets is disproportionate and unexplained.
- Persistence & Privilege (ok): The skill does not request always:true or any install-time persistence; it is user-invocable and can be invoked autonomously by the agent (default), which is normal. There is no evidence it would modify other skills or agent-wide settings.
