github-proxy

Warn

Audited by Socket on Mar 4, 2026

1 alert found:

Anomaly: LOW
SKILL.md

This skill's stated purpose (speed up GitHub access in China) is internally coherent with the capability (rewriting URLs to route through githubproxy.cc / ghfast.top). However, routing repository clones, raw files, release assets, and archives through third-party proxies without integrity checks is a significant supply-chain and privacy risk. The proxy operator can observe or modify content and capture any credentials or session data included in requests. For safe use, users should avoid sending authenticated requests through such proxies, prefer official mirrors or verified caching/CDN services, and validate downloaded artifacts (git commit hashes, tarball checksums, signatures). The skill as written is not obviously malicious but is risky: treat it as a supply-chain/third-party interception risk and avoid using it for sensitive or authenticated downloads unless you fully trust and audit the proxy service.

Confidence: 85%
Severity: 60%

Audit Metadata

Analyzed At: Mar 4, 2026, 06:01 AM
Package URL: pkg:socket/skills-sh/volcengine%2FOpenViking%2Fgithub-proxy%2F@93531888dcf351c20ce0e7d700a2042da3828e80