← Back to Skills Marketplace
27
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install nanoclaw-traffic-guardian
Description
NanoClaw runtime traffic monitoring baseline for host-side proxy inspection with container-safe MCP and IPC status surfaces.
README (SKILL.md)
NanoClaw Traffic Guardian
This is a baseline specification skill. It intentionally does not ship a proxy or runtime implementation yet.
Scope
Builders should use this skill as the NanoClaw landing zone for runtime traffic monitoring:
- host-side HTTP proxy inspection
- optional HTTPS inspection with host-held CA material
- outbound exfiltration detection
- inbound injection detection
- redacted local threat logs
- MCP tools for status, findings, and config checks
- IPC handlers for container-safe host communication
Prefer this as an optional companion to clawsec-nanoclaw, not as a mandatory extension of the existing advisory/signature/integrity suite.
Safety Contract
- Opt-in only.
- Detect-and-log by default.
- No automatic system CA installation.
- No CA private key access from the container.
- No blocking in the first implementation.
- Redact secrets before logs or MCP responses.
- Keep all state under
NANOCLAW_TRAFFIC_GUARDIAN_HOMEor the host-managed NanoClaw security data directory.
Builder Entry Points
Read SPEC.md before implementing. Use the placeholder folders as follows:
| Path | Intended use |
|---|---|
lib/ |
Detector rules, redaction, types, report formatting |
host-services/ |
Host-side proxy lifecycle, log access, IPC handlers |
mcp-tools/ |
Container-side MCP tools for status and findings |
test/ |
Unit tests, host/container IPC tests, redaction tests |
Required First Implementation Behavior
- Validate config without starting the proxy.
- Start monitor through a host-managed lifecycle path.
- Keep CA key material on the host side.
- Inspect HTTP request/response text up to a bounded byte limit.
- Support optional HTTPS MITM only when the operator supplies per-runtime trust configuration.
- Emit JSONL findings with redacted snippets.
- Expose MCP tools that return status and redacted findings only.
Out of Scope for v0.0.1 Implementation
- automatic system trust-store mutation
- transparent network interception
- default blocking
- sending traffic to external services
- exposing raw request/response bodies to the container
Usage Guidance
This version appears safe as a specification-only scaffold with no executable proxy or install script. Before using any future implementation based on it, confirm that traffic monitoring is opt-in, HTTPS interception requires explicit trust setup, CA private keys stay on the host, logs are redacted and access-controlled, and MCP tools expose only bounded status and redacted findings.
Capability Analysis
Type: OpenClaw Skill
Name: nanoclaw-traffic-guardian
Version: 0.0.1-beta1
This bundle is a documentation-only specification and scaffold for a traffic monitoring tool (NanoClaw Traffic Guardian). It contains no executable code, only placeholder directories and detailed architectural guidelines in SKILL.md and SPEC.md. The project defines a security framework for detecting exfiltration and injection while emphasizing safety measures such as secret redaction and host-side CA management, showing no signs of malicious intent or functional risk.
Capability Tags
Capability Assessment
Purpose & Capability
The stated purpose is runtime traffic monitoring and the artifacts consistently describe proxy inspection, exfiltration detection, injection detection, MCP status tools, and redacted local findings. These are sensitive capabilities, but they are purpose-aligned and explicitly scoped as a spec scaffold with no active implementation.
Instruction Scope
The instructions are aimed at builders and repeatedly require opt-in operation, no automatic trust-store mutation, no blocking in the first implementation, and redaction before logs or MCP responses.
Install Mechanism
There is no install spec and no code files; the package is instruction/specification-only, so the provided artifacts do not implement runtime interception, command execution, downloads, or persistence.
Credentials
The planned environment includes proxy URLs, CA bundles, log directories, and maximum scan-byte controls, which are proportionate to traffic monitoring but should remain operator-controlled in any future implementation.
Persistence & Privilege
The future design includes host-held CA material and JSONL threat findings; the artifacts mitigate this with host-side key ownership, redaction, bounded state directories, and no automatic system CA installation.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install nanoclaw-traffic-guardian - After installation, invoke the skill by name or use
/nanoclaw-traffic-guardian - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.0.1-beta1
Release 0.0.1-beta1 via CI
Metadata
Frequently Asked Questions
What is nanoclaw-traffic-guardian?
NanoClaw runtime traffic monitoring baseline for host-side proxy inspection with container-safe MCP and IPC status surfaces. It is an AI Agent Skill for Claude Code / OpenClaw, with 27 downloads so far.
How do I install nanoclaw-traffic-guardian?
Run "/install nanoclaw-traffic-guardian" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is nanoclaw-traffic-guardian free?
Yes, nanoclaw-traffic-guardian is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does nanoclaw-traffic-guardian support?
nanoclaw-traffic-guardian is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created nanoclaw-traffic-guardian?
It is built and maintained by davida-ps (@davida-ps); the current version is v0.0.1-beta1.
More Skills