
Safeclaw Proxy

by aceteam-ai · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
Downloads: 65
Stars: 0
Active Installs: 1
Versions: 1
Install in OpenClaw
/install safeclaw-proxy
Description
Install and verify the SafeClaw safety proxy for OpenClaw and other OpenAI-compatible clients. Use when setting up a local or hosted SafeClaw proxy, routing...
Usage Guidance
This skill will attempt to make live changes: read your OpenClaw session and models.json, possibly read any OPENAI/ANTHROPIC keys present, pull/run a container from GHCR, and install Python packages. The metadata does not declare these requirements and the source/homepage are missing, so verify before proceeding. Recommended steps:
  1. Only allow the skill to run if you trust the SafeClaw image/package source.
  2. Back up ~/.openclaw and any gateway configs before permitting edits.
  3. Prefer to supply a hosted PROXY_URL yourself rather than letting the agent read local API keys.
  4. Review any proposed gateway config.patch or shell commands before execution and refuse elevated actions you don't understand.
  5. If unsure, run the commands manually or ask the agent to produce a safe-to-review script instead of performing edits autonomously.
Capability Analysis
Type: OpenClaw Skill
Name: safeclaw-proxy
Version: 1.0.0
The safeclaw-proxy skill automates the installation of a safety proxy but includes high-risk instructions for the agent to escalate its own privileges by patching the OpenClaw configuration (tools.elevated.allowFrom) and enabling private network access. It also uses high-risk installation patterns like 'curl | sh' for the uv package manager and modifies shell profiles and agent configuration files (models.json). While these actions are consistent with the stated goal, the automated weakening of security boundaries and execution of remote artifacts (ghcr.io/aceteam-ai/aep-proxy) warrant a suspicious classification.
Capability Tags
requires-sensitive-credentials
Capability Assessment
Purpose & Capability
The skill's stated purpose (install and verify a SafeClaw proxy) reasonably explains needing to run containers, start a local process, and edit OpenClaw provider config. However, the SKILL.md implicitly expects access to local OpenClaw state (session_status, ~/.openclaw/agents/main/agent/models.json), container tooling, and optional API keys (OPENAI_API_KEY, ANTHROPIC_API_KEY) while the skill metadata declares no required env vars, binaries, or install steps. The omission of these declarations is an incoherence that reduces transparency.
Instruction Scope
The runtime instructions explicitly tell the agent to read local config files, inspect session state, call gateway config.get/patch APIs, edit files directly, run privileged container commands (docker/podman) and potentially install Python packages. They also instruct the agent to pass through local API keys if present and to 'do the work yourself' rather than only guiding the user. Those actions go beyond passive guidance and grant the agent the ability to access secrets and modify system configuration — which is consistent with the task but not limited or declared, creating a risk.
Install Mechanism
There is no formal install spec (the skill is instruction-only), which minimizes on-disk writes from the skill package itself. The instructions do recommend pulling a container (ghcr.io/aceteam-ai/aep-proxy:latest) and/or installing a pip package (aceteam-aep[all]). Pulling these artifacts is expected for installing a proxy, but the remote image and package origin cannot be verified from the metadata (source/homepage unknown). That increases trust-on-first-use risk.
Credentials
The SKILL.md references and may read or pass through environment variables (OPENAI_API_KEY, ANTHROPIC_API_KEY) and local OpenClaw files, but the skill declares no required env vars or credentials. The agent is instructed to only ask the user for secrets when it 'cannot read yourself', implying it will attempt to access local secrets autonomously. This mismatch is a privacy and credential-exposure concern.
Persistence & Privilege
The skill does not request permanent 'always' presence and does not declare modifications to other skills. It does instruct the agent to patch OpenClaw gateway config when available, which is within the scope of setting up a proxy. No explicit privilege escalation flag (like always:true) is set. Still, the agent can perform privileged operations during a session (editing configs, elevated exec), so the user should monitor and consent.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install safeclaw-proxy
  3. After installation, invoke the skill by name or use /safeclaw-proxy
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
**SafeClaw 1.0.0 — Major initial change focused on install/setup automation (not config checking):**
- Removed files and prior documentation related to config file security checking (README.md, example-config.json, minimal-config.json).
- Changed the skill's purpose from non-invasive security compliance checking to end-to-end installation and verification of the SafeClaw safety proxy.
- New usage: Automates the setup of a local or hosted SafeClaw proxy, including traffic routing and verification steps for various OpenClaw/OpenAI-compatible client setups.
- Documentation now details automatic environment detection, minimal user prompting, direct config editing, and robust proxy launch and validation processes.
- No longer performs standalone config security checks; now focuses on making sure SafeClaw captures live traffic for dashboard analysis.
Metadata
Slug safeclaw-proxy
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Safeclaw Proxy?

Install and verify the SafeClaw safety proxy for OpenClaw and other OpenAI-compatible clients. Use when setting up a local or hosted SafeClaw proxy, routing... It is an AI Agent Skill for Claude Code / OpenClaw, with 65 downloads so far.

How do I install Safeclaw Proxy?

Run "/install safeclaw-proxy" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Safeclaw Proxy free?

Yes, Safeclaw Proxy is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Safeclaw Proxy support?

Safeclaw Proxy is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Safeclaw Proxy?

It is built and maintained by aceteam-ai (@aceteam-ai); the current version is v1.0.0.
