← Back to Skills Marketplace
409
Downloads
1
Stars
1
Active Installs
3
Versions
Install in OpenClaw
/install clash-auto-switch
Description
自动检测 Clash 代理健康状态,优先区域节点优选,故障时切换到最佳节点,支持手动和区域快速切换。
README (SKILL.md)
clash-auto-switch
Clash 代理自动切换 Skill for OpenClaw
自动检测代理健康状态并在故障时自动切换到最佳节点。
配置
首次使用需要配置 Clash API:
# 设置 API 地址和密钥
/clash config set --api http://127.0.0.1:58871 --secret 你的密钥
或通过环境变量:
CLASH_API: Clash API 地址CLASH_SECRET: API 密钥CLASH_PROXY: 代理地址 (默认: http://127.0.0.1:7890)
功能
健康检查
检查当前代理是否正常工作:
/clash health
返回示例:
✓ 代理健康 (3/3)
- Telegram: OK
- Google: OK
- Anthropic: OK
列出节点
查看所有代理组和可用节点:
/clash list
自动切换
自动检测并切换到最佳节点:
/clash auto
逻辑:
- 测试 Telegram / Google / Anthropic 连通性
- 如果不健康,遍历所有节点
- 测试延迟,优先选择新加坡/日本/香港/美国节点
- 切换到最佳节点
手动切换
切换到指定节点:
/clash switch ChatGPT 新加坡-优化-Gemini-GPT
区域切换
快速切换到指定区域:
/clash sg # 切换到新加坡
/clash us # 切换到美国
/clash jp # 切换到日本
/clash hk # 切换到香港
状态查询
查看当前代理状态:
/clash status
在 Cron 中使用
添加到 cron job 实现定时健康检查:
{
"name": "clash-health-check",
"schedule": {
"kind": "every",
"everyMs": 900000
},
"payload": {
"kind": "agentTurn",
"message": "/clash auto"
},
"sessionTarget": "isolated"
}
在 Heartbeat 中使用
在 heartbeat 中添加健康检查:
# 在 HEARTBEAT.md 中添加
/clash health
支持的代理组
- ChatGPT
- Copilot
- GLOBAL
- Netflix
- Steam
- Telegram
- TikTok
- 境内使用
- 海外使用
- 节点选择
- 谷歌服务
- 微软服务
- 苹果服务
示例对话
用户: 检查代理状态
小溪: 调用 /clash health → 返回健康度
用户: 代理好像很慢
小溪: 调用 /clash auto → 自动切换到最佳节点
用户: 切换到新加坡节点
小溪: 调用 /clash sg → 切换完成
实现原理
- 调用 Clash API (
/proxies) 获取所有代理组 - 对每个 Selector 类型的代理组执行健康检查
- 如果不健康,测试所有节点延迟
- 优先选择优先区域的节点
- 调用 Clash API (
/proxies/{group}) 切换节点
Usage Guidance
This package mostly does what it says (checks proxy health and uses Clash's API to switch nodes), but take these precautions before installing or enabling it:
- Treat CLASH_SECRET as sensitive. Do not keep any real API secret hard-coded in scripts; replace or remove the hard-coded value in the provided shell files before use. Prefer setting CLASH_SECRET via secure agent/secret storage.
- Update the registry metadata / skill config to declare CLASH_API and CLASH_SECRET so the platform can surface required secrets to you. Right now the registry lists none, which is misleading.
- Review and, if needed, restrict where logs and state files are written (scripts log to /var/log/clash-switch.log and /tmp). Ensure those files are stored with appropriate permissions so secrets are not leaked.
- Be aware health checks contact external endpoints (Telegram, Google, Anthropic, OpenAI, GitHub) through your proxy. This is normal for connectivity testing but you may prefer to reduce the set of test targets or confirm that contacting them is acceptable in your environment.
- The package requires the Python requests library if you use the Python skill file—install it in a controlled environment. Run the scripts locally first and inspect behavior before integrating into automated Cron/agent schedules.
- If you plan to run the skill autonomously (periodic cron/heartbeat), limit frequency and review every action it takes; automatic switching changes network routing and could have operational impact.
If the author can (a) remove the hard-coded secret, (b) declare required env vars/primary credential in registry metadata, and (c) document the exact external network calls and log paths, the inconsistencies would be resolved and confidence would increase.
Capability Analysis
Type: OpenClaw Skill
Name: clash-auto-switch
Version: 1.0.2
The skill bundle provides automated Clash proxy switching and health monitoring. While the functionality aligns with its stated purpose, the scripts 'clash-switch-v2.sh' and 'clash-switch.sh' contain a hardcoded API secret ('6434ff5a-5b0f-4598-99ec-83ca96c77167'), which is a significant security vulnerability. Additionally, 'clash-switch-v2.sh' attempts to write logs to '/var/log/clash-switch.log', a high-privilege directory. Although no clear evidence of malicious intent or data exfiltration was detected, the combination of hardcoded credentials and network routing manipulation warrants a suspicious classification.
Capability Assessment
Purpose & Capability
The name/description match what the files implement: health checks, latency tests, and switching via the Clash external controller API. However the registry metadata lists no required env vars or primary credential even though the scripts and SKILL.md expect CLASH_API/CLASH_SECRET/CLASH_PROXY—this is an implementation/metadata mismatch.
Instruction Scope
Runtime instructions and code perform HTTP requests to multiple external endpoints (Telegram, Google, Anthropic, OpenAI, GitHub) via the user's proxy to test connectivity. That is reasonable for a health check, but the SKILL.md and registry do not declare this network behavior explicitly. The skill also requires the CLASH_SECRET (read from env or config) to call the local Clash API; the registry did not advertise this required secret. The scripts write logs to /var/log and state to /tmp which may expose sensitive data if not protected.
Install Mechanism
There is no install spec (instruction-only in registry), but the bundle contains multiple executable scripts and a Python implementation plus a requirements.txt (requests). That means installation is manual (user must install dependencies) and files will run locally—no remote downloads were used. Low install mechanism risk but user must review and install dependencies themselves.
Credentials
The skill needs an API secret (CLASH_SECRET) to control Clash, but the registry declares no required env vars or primary credential. Worse, multiple shell scripts include a hard-coded CLASH_SECRET value (UUID-like) which is unexpected and inappropriate for a networking control secret. The presence of a hard-coded token and missing registry declaration are disproportionate and should be fixed or explained.
Persistence & Privilege
always:false (normal). The skill suggests using cron/heartbeat to run /clash auto periodically; combined with autonomous agent invocation this could make the agent perform periodic switches. This is expected for this utility but the user should be aware and control the schedule. The skill does not modify other skills or system-wide agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clash-auto-switch - After installation, invoke the skill by name or use
/clash-auto-switch - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
- Added new documentation file: docs/openclaw.md
- Updated README.md with additional or improved content
v1.0.1
- Added CHANGELOG.md to provide a history of changes.
- Added SKILL.md under skills/clash-auto-switch for centralized skill documentation.
- Updated README.md to reflect recent documentation changes and structure improvements.
v1.0.0
- Initial release of clash-auto-switch for OpenClaw.
- Automatically detects proxy health and switches to the best node if issues are found.
- Supports health checks, listing nodes, auto/manual/region switching, and status queries.
- Can be integrated with cron jobs and heartbeat for scheduled health checks.
- Supports a wide range of proxy groups, including ChatGPT, Telegram, Netflix, and more.
Metadata
Frequently Asked Questions
What is clash-auto-switch?
自动检测 Clash 代理健康状态,优先区域节点优选,故障时切换到最佳节点,支持手动和区域快速切换。 It is an AI Agent Skill for Claude Code / OpenClaw, with 409 downloads so far.
How do I install clash-auto-switch?
Run "/install clash-auto-switch" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is clash-auto-switch free?
Yes, clash-auto-switch is completely free (open-source). You can download, install and use it at no cost.
Which platforms does clash-auto-switch support?
clash-auto-switch is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created clash-auto-switch?
It is built and maintained by Anonymous (@adminlove520); the current version is v1.0.2.
More Skills