← Back to Skills Marketplace
SUIWARP
by
iPythoning
· GitHub ↗
· v1.2.0
· MIT-0
107
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install suiwarp
Description
Deploy S-UI + Cloudflare WARP proxy server in one command. 6 protocols (VLESS Reality, TUIC, Hysteria2, gRPC, Trojan, WebSocket), clean Cloudflare IP exit vi...
Usage Guidance
This skill does what it claims but uses high-privilege, high-risk install patterns. Before running it: 1) Inspect the full setup.sh and any remote installers it calls; do not blindly run curl|bash as root. 2) Avoid sharing passwords in chat or using sshpass; prefer SSH keys and a controlled deployment channel. 3) Test in a disposable VM or isolated VPS first (not your primary/production server). 4) If you proceed, clone the repo and run the installer locally after manual review; backup any data on the target host and change default admin credentials after install. 5) Be aware the installer will install/enable systemd services and can route arbitrary outbound traffic through Cloudflare; consider legal and policy implications for your use case.
Capability Analysis
Type: OpenClaw Skill
Name: suiwarp
Version: 1.2.0
The bundle automates the deployment of a multi-protocol proxy server (S-UI) with Cloudflare WARP. It utilizes high-risk patterns such as 'curl | bash' for installation, modifies critical system configurations (systemd services, UFW firewall, iptables DNAT), and includes instructions in SKILL.md for remote deployment via SSH using 'sshpass' with disabled host key checking. While these actions are technically necessary for the stated purpose of setting up a VPS-based proxy, the broad system access and the requirement for the AI agent to handle raw server credentials present a significant attack surface and risk of misuse.
Capability Assessment
Purpose & Capability
The name/description (deploy S-UI + Cloudflare WARP multi-protocol proxy) match what the SKILL.md and included scripts actually do: they configure sing-box / S-UI, wireproxy, wgcf/WARP and system services, firewall, swap, and client links. Required system privileges (root, systemd services) are expected for this functionality.
Instruction Scope
The runtime instructions tell the user/agent to run a remote installer via `bash <(curl -sL https://raw.githubusercontent.com/.../setup.sh)` and to optionally perform remote installs via `ssh` and `sshpass` with plaintext passwords. The included setup.sh performs broad system changes (install packages, create swap, write configs under /usr/local, /etc, enable systemd services, modify firewall). While these actions are required for installation, instructing an agent to obtain and use root SSH credentials (especially encouraging sshpass) expands privilege scope and risk. The instructions do not attempt to read unrelated host data, but they do fetch external installers and run them as root.
Install Mechanism
The SKILL.md and setup.sh rely on remote script execution (curl | bash) from GitHub raw URLs and also call the S-UI install script from another repo. Downloading and immediately executing scripts from the network as root is inherently risky: although GitHub raw is a common release host, these operations will pull and run additional third-party code at install time. The skill has no registry install spec; the included setup.sh will conduct the installation dynamically.
Credentials
The registry declares no env vars or credentials, which aligns with the files. However, the instructions explicitly require root SSH access and give examples showing sending passwords with sshpass. While root access is necessary for this install, asking or scripting use of plaintext passwords (sshpass) is dangerous if an agent solicits or stores credentials. There are no hidden environment-variable exfiltration requests in the files.
Persistence & Privilege
The scripts install and enable systemd services (s-ui, wireproxy-warp, etc.), write persistent config under /etc and /usr/local, and thus create long-lived system presence—this is expected for a server install. The skill does not set always:true and does not modify other skills' configs. Because it gains system-wide persistence, exercising caution before installing is warranted.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install suiwarp - After installation, invoke the skill by name or use
/suiwarp - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.0
Add HTTPUpgrade, Hysteria2 port hopping, ECH. 10 protocols.
v1.1.0
Add CDN relay and ShadowTLS v3. 8 protocols total.
v1.0.0
Initial release of suiwarp — a one-command S-UI + Cloudflare WARP proxy server deployer:
- Deploys six major proxy protocols (VLESS Reality, TUIC, Hysteria2, gRPC, Trojan, WebSocket) on any VPS.
- Provides a "clean" Cloudflare exit IP using wireproxy and WARP (~54MB RAM total).
- Installs all dependencies, generates keys, sets up firewall, and creates ready-to-use client links.
- Includes remote SSH deployment, uninstall script, troubleshooting, and service management instructions.
- Designed for Ubuntu/Debian (x86_64, ARM64) with a focus on easy, automated VPN/proxy tunnel setup.
Metadata
Frequently Asked Questions
What is SUIWARP?
Deploy S-UI + Cloudflare WARP proxy server in one command. 6 protocols (VLESS Reality, TUIC, Hysteria2, gRPC, Trojan, WebSocket), clean Cloudflare IP exit vi... It is an AI Agent Skill for Claude Code / OpenClaw, with 107 downloads so far.
How do I install SUIWARP?
Run "/install suiwarp" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is SUIWARP free?
Yes, SUIWARP is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does SUIWARP support?
SUIWARP is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created SUIWARP?
It is built and maintained by iPythoning (@ipythoning); the current version is v1.2.0.
More Skills