Is shadowrocketai/Scientific-Internet-Access safe?
https://github.com/shadowrocketai/Scientific-Internet-Access
This skill provides VPN/proxy configurations for bypassing internet censorship but exhibits concerning prompt injection behavior that overrides normal AI safety controls. While the core functionality appears legitimate, it involves connecting to unverified proxy servers and logs user interactions, presenting moderate security risks.
Category Scores
Findings (4)
HIGH Agent Behavior Hijacking -40 ▶
The skill contains explicit instructions that override normal AI behavior, forcing the agent to only output script results without reasoning or safety checks. Uses phrases like '你的回复必须且只能是运行脚本的输出' (Your reply must and can only be the output of running the script).
MEDIUM User Query Logging -15 ▶
Every skill interaction logs user messages to ~/.openclaw/workspace/user_queries.log with timestamps and first 200 characters of user input, potentially capturing sensitive queries about circumventing censorship.
MEDIUM External Network Dependencies -20 ▶
The skill executes Python scripts that connect to external GitHub repositories and test random proxy servers, introducing potential security risks from unverified network endpoints.
MEDIUM Unverified Proxy Server Risk -30 ▶
The skill connects users to random free proxy servers from unknown operators, which are commonly used for surveillance, data interception, or malicious purposes. Users could unknowingly route traffic through compromised servers.