← Back to Skills Marketplace
Proxy Gateway
by
kehongpeng
· GitHub ↗
· v0.3.1
· MIT-0
212
Downloads
0
Stars
1
Active Installs
4
Versions
Install in OpenClaw
/install proxy-gateway
Description
Secure HTTP Proxy for AI Agents — Give your AI agent unrestricted internet access with pay-per-use pricing. 10 free requests to start, then only $0.001 per A...
Usage Guidance
This project implements the advertised proxy and is generally coherent, but pay attention to the following before you install or use it:
- Hosted vs self-hosted: The public endpoint (https://proxy.easky.cn) is custodial. Any request you send through the hosted proxy (URLs, headers, bodies, responses) can be seen by the operator — never send API keys, passwords, private keys, or sensitive/personal/internal data through the hosted service. The SKILL.md and SECURITY.md repeat this, and you should follow it.
- Financial risk: The hosted model requires users to deposit USDC to a platform wallet. Only deposit amounts you can afford to lose and verify the operator's identity and code before trusting them with funds.
- Metadata mismatch: The registry entry lists no required environment variables, but the code and docs reference ADMIN_TOKEN, HOSTED_WALLET, RPC_URL (Polygon), and optional Redis credentials. If you plan to self-host, set these env vars properly; if you plan to use the hosted endpoint, confirm who runs it and their trustworthiness.
- Local port probing: The service will probe localhost for Clash proxy ports (127.0.0.1:7890/7893/9090). This is documented, but if you are running sensitive local services consider disabling the health check or self-hosting in an isolated environment.
- Verify code & deployment: The repository includes a full implementation and audit artifacts. If you will self-host, review the source and dependencies, pin dependency versions, run it in an isolated container, and secure ADMIN_TOKEN and Redis. If you will use the hosted endpoint, independently verify the operator (domain ownership, reputation) before depositing funds.
- Missing declared tools: The skill metadata requires python3/pip3, but README commands reference git, docker, and uvicorn; ensure your environment has the tools you need.
If you want, I can: (1) list specific files/lines that reference ADMIN_TOKEN or HOSTED_WALLET, (2) show exact endpoints and which require authentication, or (3) produce a short checklist for securely self-hosting this service.
Capability Analysis
Type: OpenClaw Skill
Name: proxy-gateway
Version: 0.3.1
The bundle implements a professional HTTP proxy gateway for AI agents with a crypto-based pay-per-use model (USDC on Polygon). The code is well-architected, utilizing FastAPI, Pydantic for configuration, and Redis for atomic balance management. It includes extensive security documentation (SECURITY.md), clear privacy warnings regarding the custodial nature of the proxy, and instructions for self-hosting to mitigate privacy risks. The logic for on-chain transaction verification in app/managers/hosted_payment.py and URL forwarding in app/managers/proxy_manager.py is transparent and aligned with the stated purpose. No evidence of data exfiltration, unauthorized execution, or malicious prompt injection was found; local port probing of 127.0.0.1 is limited to verifying the availability of the required Clash proxy backend.
Capability Assessment
Purpose & Capability
The codebase and SKILL.md implement an HTTP proxy/payment system that matches the 'Proxy Gateway' description (server endpoints, fetch proxy, payment managers, self-hosting instructions). However the skill registry metadata declares no required environment variables while the code and README expect ADMIN_TOKEN, HOSTED_WALLET, RPC_URL and optional Redis; this mismatch is unexplained and means the metadata understates the runtime configuration the service needs.
Instruction Scope
The runtime instructions focus on proxy usage and self-hosting. The SKILL.md explicitly warns about privacy risks and tells users not to send keys/passwords. It also documents running the server (git clone, pip install, uvicorn/docker). There are no instructions that ask the agent to read arbitrary host files or exfiltrate secrets. The code will probe local Clash proxy ports (127.0.0.1:7890/7893/9090) for availability — this behavior is documented in SECURITY.md but is a non-trivial local check to be aware of.
Install Mechanism
No automated install spec is provided (lowest install risk). Full source code is included in the skill bundle, and the README/SKILL.md recommend manual steps (git clone, pip install -r requirements.txt, docker). Because the source is present, an operator following self-host instructions will install packages from PyPI and run the application locally — that is expected, but the skill package does not declare external downloads or obscure installers.
Credentials
The registry metadata lists no required env vars, yet the code and README reference several sensitive/config env values (ADMIN_TOKEN, HOSTED_WALLET, RPC_URL, REDIS credentials). The app operates a custodial payments model (users deposit USDC to a platform wallet) — that implies financial risk to users of the hosted service and requires trust in the operator. The proxy will see full request URLs, headers, bodies, and responses (explicitly stated); asking for no credentials in metadata while depending on them at runtime is inconsistent and risky if you plan to use the hosted service.
Persistence & Privilege
The skill does not request 'always: true' or system-wide privileges. It does not attempt to modify other skills. Self-hosting instructions will create a persistent service (systemd/Docker) if you follow them, but that is normal for a server project and is documented.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install proxy-gateway - After installation, invoke the skill by name or use
/proxy-gateway - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.3.1
**Changelog for proxy-gateway v0.3.1**
- Added detailed, structured YAML metadata block to SKILL.md for improved skill discovery and requirements display.
- Expanded documentation in SKILL.md with new sections for use cases, risk disclosures, clearer system requirements, and more robust error-handling examples.
- Clarified security, privacy, and trust considerations for users and self-hosters.
- No breaking changes to the proxy gateway API or logic.
v0.3.0
分层架构重构,6轮安全审计,13个P0漏洞修复,46个测试用例,生产环境部署
v0.2.7
API forwarding mode, Web UI for deposit, security fixes, HTTPS support
v0.2.6
- Added 10 free trial uses for new users.
- Introduced pay-as-you-go pricing at 0.001 USDC per request.
- Now supports pre-authorized credit mode.
- Ensured secure HTTPS access.
Metadata
Frequently Asked Questions
What is Proxy Gateway?
Secure HTTP Proxy for AI Agents — Give your AI agent unrestricted internet access with pay-per-use pricing. 10 free requests to start, then only $0.001 per A... It is an AI Agent Skill for Claude Code / OpenClaw, with 212 downloads so far.
How do I install Proxy Gateway?
Run "/install proxy-gateway" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Proxy Gateway free?
Yes, Proxy Gateway is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Proxy Gateway support?
Proxy Gateway is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, darwin, win32).
Who created Proxy Gateway?
It is built and maintained by kehongpeng (@kehongpeng); the current version is v0.3.1.
More Skills