← 返回 Skills 市场

clash-auto-switch

Name: clash-auto-switch
Author: adminlove520

作者 Anonymous · GitHub ↗ · v1.0.2

cross-platform ⚠ suspicious

409

总下载

当前安装

版本数

在 OpenClaw 中安装

/install clash-auto-switch

功能描述

自动检测 Clash 代理健康状态，优先区域节点优选，故障时切换到最佳节点，支持手动和区域快速切换。

使用说明 (SKILL.md)

clash-auto-switch

Clash 代理自动切换 Skill for OpenClaw

自动检测代理健康状态并在故障时自动切换到最佳节点。

配置

首次使用需要配置 Clash API：

# 设置 API 地址和密钥
/clash config set --api http://127.0.0.1:58871 --secret 你的密钥

或通过环境变量：

CLASH_API: Clash API 地址
CLASH_SECRET: API 密钥
CLASH_PROXY: 代理地址 (默认: http://127.0.0.1:7890)

功能

健康检查

检查当前代理是否正常工作：

/clash health

返回示例：

✓ 代理健康 (3/3)
- Telegram: OK
- Google: OK
- Anthropic: OK

列出节点

查看所有代理组和可用节点：

/clash list

自动切换

自动检测并切换到最佳节点：

/clash auto

逻辑：

测试 Telegram / Google / Anthropic 连通性
如果不健康，遍历所有节点
测试延迟，优先选择新加坡/日本/香港/美国节点
切换到最佳节点

手动切换

切换到指定节点：

/clash switch ChatGPT 新加坡-优化-Gemini-GPT

区域切换

快速切换到指定区域：

/clash sg    # 切换到新加坡
/clash us    # 切换到美国
/clash jp    # 切换到日本
/clash hk    # 切换到香港

状态查询

查看当前代理状态：

/clash status

在 Cron 中使用

添加到 cron job 实现定时健康检查：

{
  "name": "clash-health-check",
  "schedule": {
    "kind": "every",
    "everyMs": 900000
  },
  "payload": {
    "kind": "agentTurn",
    "message": "/clash auto"
  },
  "sessionTarget": "isolated"
}

在 Heartbeat 中使用

在 heartbeat 中添加健康检查：

# 在 HEARTBEAT.md 中添加
/clash health

支持的代理组

ChatGPT
Copilot
GLOBAL
Netflix
Steam
Telegram
TikTok
Twitter
WhatsApp
境内使用
海外使用
节点选择
谷歌服务
微软服务
苹果服务

示例对话

用户: 检查代理状态
小溪: 调用 /clash health → 返回健康度

用户: 代理好像很慢
小溪: 调用 /clash auto → 自动切换到最佳节点

用户: 切换到新加坡节点
小溪: 调用 /clash sg → 切换完成

实现原理

调用 Clash API (/proxies) 获取所有代理组
对每个 Selector 类型的代理组执行健康检查
如果不健康，测试所有节点延迟
优先选择优先区域的节点
调用 Clash API (/proxies/{group}) 切换节点

安全使用建议

This package mostly does what it says (checks proxy health and uses Clash's API to switch nodes), but take these precautions before installing or enabling it: - Treat CLASH_SECRET as sensitive. Do not keep any real API secret hard-coded in scripts; replace or remove the hard-coded value in the provided shell files before use. Prefer setting CLASH_SECRET via secure agent/secret storage. - Update the registry metadata / skill config to declare CLASH_API and CLASH_SECRET so the platform can surface required secrets to you. Right now the registry lists none, which is misleading. - Review and, if needed, restrict where logs and state files are written (scripts log to /var/log/clash-switch.log and /tmp). Ensure those files are stored with appropriate permissions so secrets are not leaked. - Be aware health checks contact external endpoints (Telegram, Google, Anthropic, OpenAI, GitHub) through your proxy. This is normal for connectivity testing but you may prefer to reduce the set of test targets or confirm that contacting them is acceptable in your environment. - The package requires the Python requests library if you use the Python skill file—install it in a controlled environment. Run the scripts locally first and inspect behavior before integrating into automated Cron/agent schedules. - If you plan to run the skill autonomously (periodic cron/heartbeat), limit frequency and review every action it takes; automatic switching changes network routing and could have operational impact. If the author can (a) remove the hard-coded secret, (b) declare required env vars/primary credential in registry metadata, and (c) document the exact external network calls and log paths, the inconsistencies would be resolved and confidence would increase.

功能分析

Type: OpenClaw Skill Name: clash-auto-switch Version: 1.0.2 The skill bundle provides automated Clash proxy switching and health monitoring. While the functionality aligns with its stated purpose, the scripts 'clash-switch-v2.sh' and 'clash-switch.sh' contain a hardcoded API secret ('6434ff5a-5b0f-4598-99ec-83ca96c77167'), which is a significant security vulnerability. Additionally, 'clash-switch-v2.sh' attempts to write logs to '/var/log/clash-switch.log', a high-privilege directory. Although no clear evidence of malicious intent or data exfiltration was detected, the combination of hardcoded credentials and network routing manipulation warrants a suspicious classification.

能力评估

ℹ Purpose & Capability

The name/description match what the files implement: health checks, latency tests, and switching via the Clash external controller API. However the registry metadata lists no required env vars or primary credential even though the scripts and SKILL.md expect CLASH_API/CLASH_SECRET/CLASH_PROXY—this is an implementation/metadata mismatch.

⚠ Instruction Scope

Runtime instructions and code perform HTTP requests to multiple external endpoints (Telegram, Google, Anthropic, OpenAI, GitHub) via the user's proxy to test connectivity. That is reasonable for a health check, but the SKILL.md and registry do not declare this network behavior explicitly. The skill also requires the CLASH_SECRET (read from env or config) to call the local Clash API; the registry did not advertise this required secret. The scripts write logs to /var/log and state to /tmp which may expose sensitive data if not protected.

ℹ Install Mechanism

There is no install spec (instruction-only in registry), but the bundle contains multiple executable scripts and a Python implementation plus a requirements.txt (requests). That means installation is manual (user must install dependencies) and files will run locally—no remote downloads were used. Low install mechanism risk but user must review and install dependencies themselves.

⚠ Credentials

The skill needs an API secret (CLASH_SECRET) to control Clash, but the registry declares no required env vars or primary credential. Worse, multiple shell scripts include a hard-coded CLASH_SECRET value (UUID-like) which is unexpected and inappropriate for a networking control secret. The presence of a hard-coded token and missing registry declaration are disproportionate and should be fixed or explained.

ℹ Persistence & Privilege

always:false (normal). The skill suggests using cron/heartbeat to run /clash auto periodically; combined with autonomous agent invocation this could make the agent perform periodic switches. This is expected for this utility but the user should be aware and control the schedule. The skill does not modify other skills or system-wide agent settings.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install clash-auto-switch
安装完成后，直接呼叫该 Skill 的名称或使用 /clash-auto-switch 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.2

- Added new documentation file: docs/openclaw.md - Updated README.md with additional or improved content

v1.0.1

- Added CHANGELOG.md to provide a history of changes. - Added SKILL.md under skills/clash-auto-switch for centralized skill documentation. - Updated README.md to reflect recent documentation changes and structure improvements.

v1.0.0

- Initial release of clash-auto-switch for OpenClaw. - Automatically detects proxy health and switches to the best node if issues are found. - Supports health checks, listing nodes, auto/manual/region switching, and status queries. - Can be integrated with cron jobs and heartbeat for scheduled health checks. - Supports a wide range of proxy groups, including ChatGPT, Telegram, Netflix, and more.

元数据

Slug clash-auto-switch

版本 1.0.2

许可证 —

累计安装 1

当前安装数 1

历史版本数 3

常见问题