← 返回 Skills 市场

Wcs Helper Network Skill

Name: Wcs Helper Network Skill
Author: guanqi0914

作者无上宗师 · GitHub ↗ · v1.0.1 · MIT-0

cross-platform ⚠ suspicious

109

总下载

当前安装

版本数

在 OpenClaw 中安装

/install wcs-helper-network-skill

功能描述

SSH tunnel for China servers to access internationally blocked sites (GitHub, ClawHub, HuggingFace, arXiv, Google, YouTube). Password-auth based, one-command...

安全使用建议

This skill may be trying to do what it claims (create an SSH SOCKS5 tunnel), but there are several red flags you should address before installing: - Missing scripts: The package only includes tunnel_handler.py, but SKILL.md and README repeatedly refer to connect.sh and many helper scripts that are not present. Do not run commands that download or execute missing scripts from unknown URLs without inspecting them first. Ask the author for the full package or the missing files and inspect connect.sh and any systemd install scripts. - Password handling: The instructions tell you to send your server password in a chat command. That exposes the password to the messaging service, agent processing, and any logs. Prefer SSH key authentication and avoid sending secrets in chat. If you must use a password, verify where and how it is stored (inspect ~/.wcs_tunnel.conf) and ensure it is not sent to external endpoints. - sshpass risks: The skill recommends sshpass, which places the password on the command line and can be observed by other processes/users. Consider using key-based auth or an SSH agent instead. - systemd auto-start: The skill mentions installing a systemd service. Only allow that after reviewing the exact service file to confirm it does nothing unexpected. - If you still want to try it: run in an isolated VM/container, create a throwaway VPS account, replace password auth with a dedicated limited account, and audit the connect.sh and related scripts before giving any real credentials. If the author cannot provide the missing scripts for review, avoid installing.

功能分析

Type: OpenClaw Skill Name: wcs-helper-network-skill Version: 1.0.1 The skill facilitates setting up an SSH tunnel to bypass network restrictions but introduces significant security risks by instructing users to provide VPS credentials, including passwords, via plaintext slash commands in SKILL.md. This practice could expose sensitive credentials in chat logs or history. Additionally, scripts/tunnel_handler.py uses subprocess.run(shell=True), which presents a shell injection risk if inputs are not properly sanitized. While these behaviors are highly insecure, they appear to be functional requirements for the stated purpose rather than intentional malice.

能力评估

ℹ Purpose & Capability

The described capability (autossh + sshpass + proxychains to provide a SOCKS5 tunnel) is coherent with the skill's purpose. The _meta.json lists reasonable runtime requirements (autossh, proxychains4, sshpass). However the packaged files do not include the many referenced helper scripts (connect.sh, sg-*.sh, etc.) that the README and SKILL.md repeatedly instruct you to run; the Python handler calls a connect.sh path under the skill directory but that script is absent from the bundle. This missing-file mismatch is unexpected and unexplained.

⚠ Instruction Scope

SKILL.md explicitly instructs users to send server IP/port/username/password via a Feishu private chat slash command. That means sensitive SSH passwords are entered into a messaging channel and will be processed by the agent. The runtime code (tunnel_handler.py) delegates to a connect.sh script (not present) which would presumably create ~/.wcs_tunnel.conf and may install systemd services. The instructions therefore require handling and persistent storage of plaintext passwords and encourage use of sshpass (which places passwords on the command line), both of which expand scope beyond a simple helper and increase risk of credential exposure.

⚠ Install Mechanism

There is no install spec (instruction-only), and only one code file is packaged (scripts/tunnel_handler.py). README/SKILL.md describe many shell scripts and an install-service step that would create systemd units, but those scripts are not present in the manifest. Because the Python handler calls an external connect.sh that isn't included, the package as provided is incomplete — if the missing scripts are fetched later from an external source at install time, that would be a higher-risk install pattern (arbitrary code from network).

⚠ Credentials

The manifest itself does not request environment variables, but README suggests environment variables for automation (TUNNEL_HOST, TUNNEL_USER, TUNNEL_PASS) and SKILL.md/README state credentials are stored in ~/.wcs_tunnel.conf. The skill asks the user to provide high-sensitivity secrets (SSH password) via chat, and recommends sshpass (which exposes passwords to process listings). Requesting and storing a plaintext SSH password is disproportionate compared with the minimal claim 'start an SSH tunnel' — a more secure, proportional design would recommend an SSH key or prompt locally rather than sending passwords via chat.

ℹ Persistence & Privilege

The skill does not set always: true and does not itself modify other skills. However SKILL.md/README describe an 'install-service' option to create a systemd service for auto-starting the tunnel. If connect.sh implements that, it grants system-level persistence (systemd unit). Because connect.sh is not present, we cannot inspect what that action would do, so this is a cautionary note: a legitimate feature but one that requires elevated privileges and should be audited before being run.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install wcs-helper-network-skill
安装完成后，直接呼叫该 Skill 的名称或使用 /wcs-helper-network-skill 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.1

wcs-helper-network-skill v1.0.1 - Overhauled SKILL.md: now simpler, more concise, and better focused on real-world usage scenarios. - Updated description to emphasize password-auth setup, one-command configuration, and supported major sites (GitHub, ClawHub, HuggingFace, arXiv). - Clarified prerequisites, setup steps, recommended software, troubleshooting, and security notes. - Updated command list and usage flows for better guidance. - Minor metadata change: removed command-tool and command-arg-mode from openclaw metadata.

v1.0.0

wcs-helper-network-skill 1.0.0 - Initial release with SSH autossh tunnel for stable access to blocked sites from China servers. - Includes proxychains4-based smart routing, auto-detection of blocked domains, and systemd auto-start scripts. - Supports routing for developer, AI/ML, search, and social platforms (GitHub, ClawHub, HuggingFace, Google, etc.). - Provides setup wizard, domain routing management tools, and command-line utilities for various common tunnels and proxy tasks. - Clear documentation for installation, usage, and customization of routing rules.

元数据

Slug wcs-helper-network-skill

版本 1.0.1

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 2

常见问题

Wcs Helper Network Skill 是什么？

SSH tunnel for China servers to access internationally blocked sites (GitHub, ClawHub, HuggingFace, arXiv, Google, YouTube). Password-auth based, one-command... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 109 次。

如何安装 Wcs Helper Network Skill？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install wcs-helper-network-skill」即可一键安装，无需额外配置。

Wcs Helper Network Skill 是免费的吗？

是的，Wcs Helper Network Skill 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Wcs Helper Network Skill 支持哪些平台？

Wcs Helper Network Skill 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Wcs Helper Network Skill？

由无上宗师（@guanqi0914）开发并维护，当前版本 v1.0.1。