← Back to Skills Marketplace
30
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install picoclaw-traffic-guardian
Description
Picoclaw runtime traffic monitoring baseline for lightweight AI gateway proxy inspection, egress detection, and posture integration.
README (SKILL.md)
Picoclaw Traffic Guardian
This is a baseline specification skill. It intentionally does not ship a proxy or runtime implementation yet.
Scope
Builders should use this skill as the Picoclaw landing zone for runtime traffic monitoring:
- lightweight AI gateway HTTP proxy inspection
- optional HTTPS inspection with per-process CA trust
- outbound exfiltration detection
- inbound injection detection
- redacted local threat logs
- profile export for
picoclaw-security-guardian
Do not add proxy runtime ownership to picoclaw-security-guardian or picoclaw-self-pen-testing. Those skills should profile, drift-check, or review this monitor's status, not run it.
Safety Contract
- Opt-in only.
- Detect-and-log by default.
- No automatic system CA installation.
- No global proxy environment changes.
- No blocking in the first implementation.
- Redact secrets before logs, summaries, or profile outputs.
- Keep all state under
PICOCLAW_TRAFFIC_GUARDIAN_HOMEor$PICOCLAW_HOME/security/clawsec/traffic-guardian.
Builder Entry Points
Read SPEC.md before implementing. Use the placeholder folders as follows:
| Path | Intended use |
|---|---|
lib/ |
Detector rules, redaction, profile export, report formatting |
scripts/ |
Start, stop, status, config validation, log query, profile export helpers |
test/ |
Unit tests, proxy fixture tests, redaction tests, profile integration tests |
Required First Implementation Behavior
- Validate config without starting the proxy.
- Start monitor in foreground or explicit background mode.
- Scope proxy environment variables to the target Picoclaw gateway process.
- Inspect HTTP request/response text up to a bounded byte limit.
- Support optional HTTPS MITM only when the operator supplies per-process trust configuration.
- Emit JSONL findings with redacted snippets.
- Export a small profile fragment that
picoclaw-security-guardiancan include in deterministic posture profiles.
Out of Scope for v0.0.1 Implementation
- automatic system trust-store mutation
- transparent network interception
- default blocking
- sending traffic to external services
- collecting full request/response bodies
Usage Guidance
This version appears safe as a spec scaffold, but treat any future runtime implementation carefully: review its source, enable it only for intended Picoclaw gateway processes, avoid system-wide CA or proxy changes, and verify redaction before storing traffic findings.
Capability Analysis
Type: OpenClaw Skill
Name: picoclaw-traffic-guardian
Version: 0.0.1-beta1
This bundle is a specification scaffold and architectural baseline for a traffic monitoring tool (Picoclaw Traffic Guardian). It contains no executable code, only documentation and directory placeholders (lib/, scripts/, test/). The instructions and specifications in SKILL.md and SPEC.md focus on defensive security monitoring with explicit safety constraints, such as mandatory secret redaction, opt-in usage, and a prohibition on automatic system-wide configuration changes.
Capability Tags
Capability Assessment
Purpose & Capability
The stated purpose and artifacts are coherent: a Picoclaw traffic-monitoring baseline that may later inspect HTTP/HTTPS gateway traffic for exfiltration and injection. That future capability is sensitive, but it is clearly disclosed and bounded as opt-in, detect-and-log, and non-blocking in this release.
Instruction Scope
The instructions are builder-facing and emphasize safety limits: no automatic system CA installation, no global proxy changes, no default blocking, redaction before persistence, and no external traffic-sharing.
Install Mechanism
There is no install spec and no code, so the current package cannot perform runtime monitoring. The package is also a beta scaffold with unknown source/provenance, so any future implementation should be reviewed before use.
Credentials
The planned environment access is proportionate for a traffic monitor, but sensitive: it would proxy operator-scoped Picoclaw gateway traffic and optionally inspect HTTPS with per-process trust configuration.
Persistence & Privilege
The artifacts plan local JSONL findings and profile fragments, with state kept under a dedicated Picoclaw Traffic Guardian home path and no scheduler or automatic system trust-store changes.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install picoclaw-traffic-guardian - After installation, invoke the skill by name or use
/picoclaw-traffic-guardian - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.0.1-beta1
Release 0.0.1-beta1 via CI
Metadata
Frequently Asked Questions
What is picoclaw-traffic-guardian?
Picoclaw runtime traffic monitoring baseline for lightweight AI gateway proxy inspection, egress detection, and posture integration. It is an AI Agent Skill for Claude Code / OpenClaw, with 30 downloads so far.
How do I install picoclaw-traffic-guardian?
Run "/install picoclaw-traffic-guardian" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is picoclaw-traffic-guardian free?
Yes, picoclaw-traffic-guardian is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does picoclaw-traffic-guardian support?
picoclaw-traffic-guardian is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created picoclaw-traffic-guardian?
It is built and maintained by davida-ps (@davida-ps); the current version is v0.0.1-beta1.
More Skills