← 返回 Skills 市场
Mirage Proxy
作者
Chandika Jayasundara
· GitHub ↗
· v0.5.17
587
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install mirage-proxy
功能描述
Install and configure mirage-proxy as a transparent PII/secrets filter for OpenClaw LLM API calls. Handles binary installation, provider config, auto-restart...
安全使用建议
Before installing: (1) Verify the source and version mismatch — the script downloads v0.5.15 while the registry advertises 0.5.17; ask the publisher which is intended. (2) Inspect or build the mirage-proxy binary yourself (the script can build with cargo) if you need to trust its handling of secrets. (3) Confirm the hardcoded SHA256 checksums match the binary you plan to run; if they don't, do not install. (4) Remember the proxy will see all API traffic and provider keys routed through it — only run it if you trust the binary/repo. (5) Test in an isolated or staging environment first, back up OpenClaw config before letting any agent auto-patch it, and review logs (~/.openclaw/workspace/mirage-proxy.log) and the start wrapper. If you cannot verify the binary or the repo authorship, avoid installing in production.
功能分析
Type: OpenClaw Skill
Name: mirage-proxy
Version: 0.5.17
The skill installs and configures 'mirage-proxy', a local PII/secrets filtering proxy for LLM API calls. The `SKILL.md` provides clear instructions for the agent and user, without any prompt injection attempts for malicious purposes. The `setup.sh` script downloads a binary from a specified GitHub repository, verifies its integrity using hardcoded SHA256 checksums, and sets up a local auto-restart wrapper. All operations are confined to the OpenClaw workspace and local host (127.0.0.1:8686). There is no evidence of data exfiltration, unauthorized remote access, or other malicious intent. The script's behavior is consistent with its stated purpose of enhancing security by filtering sensitive data.
能力评估
Purpose & Capability
The skill claims to install a local PII/secrets-filtering proxy and the included setup.sh does exactly that (download binary, create restart wrapper, start service). However registry metadata lists version 0.5.17 while the installer uses VERSION=0.5.15 and hardcoded checksums for v0.5.15, which is an inconsistency that should be clarified. The lack of a homepage and an unknown source in the registry metadata is also noteworthy.
Instruction Scope
SKILL.md limits instructions to running the bundled setup script, patching OpenClaw provider config to route through localhost:8686, and suggested persistence mechanisms. The skill does not instruct reading unrelated system files or exfiltrating data. Note: the SKILL.md says the agent will patch OpenClaw config — that operation will modify configuration files and may reference environment variables; review any automated config changes before applying.
Install Mechanism
There is no formal install spec (instruction-only) but the provided setup.sh downloads a prebuilt binary from a GitHub releases URL and writes it into ~/.openclaw/workspace, creates an auto-restart wrapper, and launches it as a background process. Downloading a binary from GitHub releases is a common pattern, but the hardcoded VERSION (0.5.15) vs registry version (0.5.17) is inconsistent. The script does perform SHA256 verification using embedded checksums – good practice – but those checksums only match the older version. If the binary fails, the script may build from source with cargo (pulling code from GitHub), which is expected but increases the runtime network/exec footprint.
Credentials
The skill declares no required env vars or credentials. However, using the proxy implies provider API keys (e.g., ANTHROPIC_API_KEY, OPENAI_API_KEY) will be referenced in OpenClaw config and requests will be proxied through the local mirage process — the proxy will therefore see secrets in transit. The skill itself does not request those secrets, but you must trust the binary (or build it yourself) because it will handle sensitive data.
Persistence & Privilege
The installer creates a persistent background wrapper script (start-mirage.sh), launches it via nohup, and recommends modifying container entrypoints for persistence across restarts. The skill does not set always:true and does not modify other skills' configurations directly, but it does create a persistent local service that will be invoked by OpenClaw traffic — consider this long-lived presence when evaluating trust.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install mirage-proxy - 安装完成后,直接呼叫该 Skill 的名称或使用
/mirage-proxy触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.5.17
Add SHA256 binary verification
v0.5.16
- Added detailed SKILL.md documentation, including setup, configuration, provider integration, and persistence instructions for mirage-proxy with OpenClaw.
- SKILL.md now covers merging mirage and direct providers, model alias switching, Docker and heartbeat persistence options, and verification procedures.
- Clarified behavior for API key environment variables and added troubleshooting tips.
- No changes to code or logic—documentation update only.
元数据
常见问题
Mirage Proxy 是什么?
Install and configure mirage-proxy as a transparent PII/secrets filter for OpenClaw LLM API calls. Handles binary installation, provider config, auto-restart... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 587 次。
如何安装 Mirage Proxy?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install mirage-proxy」即可一键安装,无需额外配置。
Mirage Proxy 是免费的吗?
是的,Mirage Proxy 完全免费(开源免费),可自由下载、安装和使用。
Mirage Proxy 支持哪些平台?
Mirage Proxy 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Mirage Proxy?
由 Chandika Jayasundara(@chandika)开发并维护,当前版本 v0.5.17。
推荐 Skills