ProxyClaw

This skill appears to do what it says: run requests through IPLoop residential proxies using IPLOOP_API_KEY and curl. Before installing or using: - Confirm you trust the IPLoop/ProxyClaw service (iploop.io / proxy.iploop.io). The skill will route any requested HTTP/HTTPS URL through an external proxy — do not ask it to fetch sensitive internal URLs, credentials endpoints, or private admin pages unless you accept that external infrastructure will see those requests. - The only required secret is IPLOOP_API_KEY. Review fetch.sh and your system policy: passing the key to curl with --proxy-user can expose the auth string in process listings on some systems. If that is a concern, run fetches from an isolated host or modify the script to read the password from a file with restrictive permissions or use a curl option that avoids argument exposure. - The repo includes optional runnable artifacts (a Docker node image, a QA scraper, and a small support HTTP server). These are not executed automatically by the skill but would fetch/run external code if you choose to run them. Treat any docker run / binary download (ultronloop2026/iploop-node) as higher risk and audit or run in sandboxed environment. - If you rely on the claim that the skill 'does not read files' or 'never logs the key', verify those properties in your environment: fetch.sh writes to a temporary file and other included scripts may read filesystem resources if run. If you only need occasional web fetches via a third-party residential proxy and you trust IPLoop, this skill is coherent with that purpose. If you have strict secrets or internal-network rules, review or sandbox the fetch.sh and avoid running the optional node agent or support services.