← Back to Skills Marketplace
96
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install ghostprint
Description
LLM fingerprint noise injector. Sends behaviorally realistic randomized queries to Anthropic, Z.ai, and any OpenAI-compatible provider on a schedule to deper...
README (SKILL.md)
Ghostprint
Depersonalize your LLM usage. Introduce noise. Prevent fingerprinting.
Install as OpenClaw Plugin
git clone https://github.com/alarawms/ghostprint ~/.openclaw/extensions/ghostprint
openclaw plugins enable ghostprint
openclaw gateway restart
Usage
Once installed, these agent tools are available in any session:
ghostprint_fire— fire a noise round immediatelyghostprint_stats— show run history and stats
The background scheduler fires automatically every ~2 hours (Poisson-distributed).
How it works
- 6 personas with stable domain preferences and multi-turn rates
- 300+ topics across 12 domains (cooking, health, science, DIY, tech, finance, language, travel, psychology, history, lifestyle)
- Contextual follow-ups — multi-turn sessions use topic-paired follow-ups
- Poisson timing — exponentially distributed inter-arrival times
- Activity weights — suppressed during sleep hours, lighter on weekends
- Metadata-only logs — never logs topic text or reply content
- No config needed — reuses your existing OpenClaw provider credentials
Standalone (no OpenClaw)
cp config.example.yaml config.yaml
# edit config.yaml with your API keys
python3 ghostprint.py --run-once
python3 ghostprint.py --install-cron
Cost
\x3C $0.35/month at 3× daily across Anthropic + Z.ai.
Source
Usage Guidance
What to consider before installing:
- Understand the behavior: Ghostprint will send scheduled LLM requests using API keys available to OpenClaw or the ones you put in config.yaml. Those calls are real network requests that consume credit and are logged by the provider under whatever API key is used.
- Use separate credentials if you want to avoid account-level correlation: the README itself recommends dedicated throwaway API keys for noise; this is important because using your primary key means providers can easily link noise and real queries.
- If your goal is stronger separation, run noise through a proxy/VPN or on a separate host as recommended in ANTI-FINGERPRINT.md. The tool warns that same-IP and same-account correlation remain risks.
- Check the scheduler/cron installer: review the script path and cron entries before running --install-cron so you know what will run and as which user.
- Inspect logs and config: ghostprint writes ghostprint.log and uses config.yaml. Confirm logs contain only metadata (as claimed) and that config.yaml does not accidentally include secrets you don't want stored in plain text.
- Test safely: run python3 ghostprint.py --run-once with a throwaway key and monitor the outbound requests to confirm behavior before enabling long-term scheduling or installing into OpenClaw.
- Review code for hidden endpoints or exfil: the provided files appear to validate provider URLs and restrict non-HTTPS/private-IP targets, and I saw no other external endpoints, but given the pre-scan flag and the power this plugin has (background network requests using your keys) you should review the full code (especially the truncated parts of ghostprint.py in this package) or run it in an isolated environment.
If you are not comfortable with a plugin that will autonomously make network calls using your existing OpenClaw provider keys, treat this as risky: do not install or run it until you have created separate keys/accounts and validated the code and scheduling behavior.
Capability Analysis
Type: OpenClaw Skill
Name: ghostprint
Version: 3.0.1
The Ghostprint bundle is a privacy-focused tool designed to inject noise into LLM usage patterns to prevent behavioral fingerprinting. The code (ghostprint.py and index.ts) is well-structured, lacks external dependencies, and includes proactive security measures such as SSRF protection (rejecting private/reserved IPs in provider URLs) and restricted file permissions (0600) for local logs. The persistence mechanisms (cron for Python and a timeout loop for the plugin) are documented and essential to the tool's stated purpose of scheduled noise injection, and the cost-control measures (low token limits and Poisson-distributed intervals) align with the benign intent of the project.
Capability Assessment
Purpose & Capability
Name/description (LLM noise injector) match the included code and runtime instructions: both a standalone Python script and an OpenClaw plugin that schedule queries to configured providers. No unrelated services or binaries are requested.
Instruction Scope
SKILL.md instructs cloning the repo into OpenClaw extensions and enabling the plugin so it runs as a background scheduler inside the gateway. The plugin claims 'no API keys needed' because it will reuse your OpenClaw provider keys via runtime resolution; that behavior is not obviously explicit in the high-level summary and may surprise users. The plugin also exposes commands to fire rounds and view stats and provides an --install-cron helper for the standalone script (which will create scheduled background execution). All of these create persistent outbound network activity using your credentials.
Install Mechanism
There is no remote arbitrary binary download or obscure installer: the SKILL.md recommends cloning a GitHub repository and enabling the plugin. Code is included in the package (Python and TypeScript). No URL shorteners, personal IPs, or extracts from unknown archives were observed in the provided files.
Credentials
The registry metadata lists no required env vars, but both plugin and Python implementations expect API keys to exist (standalone uses config or ${ENV_VAR}, plugin reuses OpenClaw provider credentials via runtime resolution). This is proportionate to the stated purpose (the skill must call LLM providers), but it is important: reusing the same API key links noise and real traffic (the README explicitly documents this risk). Users may be surprised the plugin will access provider keys without adding separate credentials.
Persistence & Privilege
always:false (normal). However the plugin runs as a background service in the gateway and schedules recurring network requests (Poisson timing). That background capability is expected for the stated purpose but increases blast radius: the skill will autonomously make network requests on a schedule and write logs to its extension directory (ghostprint.log).
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ghostprint - After installation, invoke the skill by name or use
/ghostprint - Provide required inputs per the skill's parameter spec and get structured output
Version History
v3.0.1
fix: YAML parser bug — env vars now correctly expand in provider config (api_key, base_url)
v3.0.0
v3: persona system, contextual follow-ups, Poisson timing, metadata-only logs, GLM-5.1 support, OpenClaw plugin
Metadata
Frequently Asked Questions
What is Ghostprint?
LLM fingerprint noise injector. Sends behaviorally realistic randomized queries to Anthropic, Z.ai, and any OpenAI-compatible provider on a schedule to deper... It is an AI Agent Skill for Claude Code / OpenClaw, with 96 downloads so far.
How do I install Ghostprint?
Run "/install ghostprint" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Ghostprint free?
Yes, Ghostprint is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Ghostprint support?
Ghostprint is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Ghostprint?
It is built and maintained by alarawms (@alarawms); the current version is v3.0.1.
More Skills