Sparkle VPN

Control Sparkle VPN - start, stop, manage system proxy, query status and switch nodes using Mihomo core directly.

This skill appears to do exactly what it says: control a local Sparkle/Mihomo VPN. Before installing, verify: 1) you have the Mihomo/Sparkle binaries and the referenced profile (~/.config/sparkle/profiles/19c48c94cbb.yaml) or adjust scripts accordingly; 2) you are comfortable with scripts that start/kill processes and change GNOME proxy settings and write ~/.config/sparkle/proxy.env; 3) required tools (curl, python3, gsettings, pgrep/pkill) are present — the skill does not declare these dependencies; 4) the diagnostic call to https://ipinfo.io/ip will reveal your public IP to that service (harmless for most users, but note if you want no external calls). If unsure, inspect/modify the scripts (they are plain shell) or run them in an isolated/test environment first.

Type: OpenClaw Skill Name: sparkle-vpn Version: 1.1.0 The skill is classified as suspicious due to multiple critical shell injection vulnerabilities. The `sparkle_vpn_switch` tool in `index.ts` and `tools.yaml` directly interpolates the `node` parameter into a shell command without proper escaping, allowing for arbitrary command execution (RCE) if an attacker can control the `node` input (e.g., via prompt injection to the agent). Furthermore, the `scripts/switch-node.sh` script, which receives this parameter, attempts to URL-encode it using `python3 -c "..."`, but this `python3 -c` command itself is vulnerable to shell injection if the `NODE_NAME` contains unescaped single quotes. Additionally, `switch-node.sh` inserts the `NODE_NAME` into a JSON payload for `curl -d` without JSON escaping, posing a JSON injection risk. While there's no clear evidence of intentional malicious behavior like data exfiltration to external servers, these vulnerabilities represent significant security flaws that could be exploited.