Security scan
OpenClaw
Suspicious
medium confidence
Assessment recommendations
Before installing: (1) Verify the source and resolve the version mismatch — the script downloads v0.5.15 while the registry advertises 0.5.17; ask the publisher which is intended. (2) Inspect or build the mirage-proxy binary yourself (the script can build with cargo) if you need to trust its handling of secrets. (3) Confirm the hardcoded SHA256 checksums match the binary you plan to run; if they don't, do not install. (4) Remember the proxy will see all API traffic and provider keys routed through it — only...
ℹ Purpose and capabilities
The skill claims to install a local PII/secrets-filtering proxy, and the included setup.sh does exactly that (download binary, create restart wrapper, start service). However, registry metadata lists version 0.5.17 while the installer uses VERSION=0.5.15 and hardcoded checksums for v0.5.15, an inconsistency that should be clarified. The lack of a homepage and an unknown source in the registry metadata is also noteworthy.
✓ Instruction scope
SKILL.md limits instructions to running the bundled setup script, patching OpenClaw provider config to route through localhost:8686, and suggested persistence mechanisms. The skill does not instruct reading unrelated system files or exfiltrating data. Note: the SKILL.md says the agent will patch OpenClaw config — that operation will modify configuration files and may reference environment variables; review any automated config changes before applying.
⚠ Install mechanism
There is no formal install spec (instruction-only) but the provided setup.sh downloads a prebuilt binary from a GitHub releases URL and writes it into ~/.openclaw/workspace, creates an auto-restart wrapper, and launches it as a background process. Downloading a binary from GitHub releases is a common pattern, but the hardcoded VERSION (0.5.15) vs registry version (0.5.17) is inconsistent. The script does perform SHA256 verification using embedded checksums – good practice – but those checksums only match the older version. If the binary fails, the script may build from source with cargo (pulling code from GitHub), which is expected but increases the runtime network/exec footprint.
ℹ Credential requirements
The skill declares no required env vars or credentials. However, using the proxy implies provider API keys (e.g., ANTHROPIC_API_KEY, OPENAI_API_KEY) will be referenced in OpenClaw config and requests will be proxied through the local mirage process — the proxy will therefore see secrets in transit. The skill itself does not request those secrets, but you must trust the binary (or build it yourself) because it will handle sensitive data.
ℹ Persistence and privileges
The installer creates a persistent background wrapper script (start-mirage.sh), launches it via nohup, and recommends modifying container entrypoints for persistence across restarts. The skill does not set always:true and does not modify other skills' configurations directly, but it does create a persistent local service that will be invoked by OpenClaw traffic — consider this long-lived presence when evaluating trust.
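Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Version
latest v0.5.17 2026/2/20
● Benign
Install command
Official: npx clawhub@latest install mirage-proxy
Mirror (accelerated): npx clawhub@latest install mirage-proxy --registry https://cn.longxiaskill.com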