← Back to Skills Marketplace
odrobnik

Intranet

by Oliver Drobnik · GitHub ↗ · v3.2.7 · MIT-0
cross-platform ✓ Security Clean
1372
Downloads
0
Stars
2
Active Installs
28
Versions
Install in OpenClaw
/install intranet
Description
Lightweight local HTTP file server with plugin support. Serves static files from a webroot, mounts plugin directories at URL prefixes via config, and runs in...
README (SKILL.md)

Intranet

Lightweight local HTTP file server — no Apache/nginx needed, no root required. Serves static files, mounts plugin directories, and runs index.py entry points as CGI.

Entry point: {baseDir}/scripts/intranet.py

Setup

See SETUP.md for prerequisites and setup instructions.

Commands

python3 {baseDir}/scripts/intranet.py start                          # Start on default port 8080
python3 {baseDir}/scripts/intranet.py start --port 9000              # Custom port
python3 {baseDir}/scripts/intranet.py start --host 0.0.0.0            # LAN access (requires token + allowed_hosts)
python3 {baseDir}/scripts/intranet.py start --token SECRET            # Enable bearer token auth
python3 {baseDir}/scripts/intranet.py status                         # Check if running
python3 {baseDir}/scripts/intranet.py stop                           # Stop server

Directory Layout

{workspace}/intranet/
├── config.json          # Server config (NOT served)
└── www/                 # Webroot (served files go here)
    ├── index.html
    └── ...

Config lives in {workspace}/intranet/config.json, webroot is {workspace}/intranet/www/. The config file is never exposed to HTTP.

Plugins

Plugins mount external directories at URL prefixes. Configure in config.json:

{
  "plugins": {
    "banker": "{workspace}/skills/banker/web",
    "deliveries": "{workspace}/skills/deliveries/web"
  }
}

Plugin config supports simple (static only) or extended (with CGI hash) format:

{
  "plugins": {
    "static-only": "/path/to/dir",
    "with-cgi": {
      "dir": "/path/to/dir",
      "hash": "sha256:abc123..."
    }
  }
}
  • Plugin paths must be inside the workspace
  • If CGI is enabled and a plugin has a hash, index.py at the plugin root handles all sub-paths — but only if its SHA-256 matches
  • Plugins without a hash are static-only (CGI blocked even when globally enabled)
  • Generate a hash: shasum -a 256 /path/to/index.py

CGI Execution

Off by default. Enable in config.json:

{
  "cgi": true
}

When enabled, only files named index.py can execute as CGI:

  • Webroot: index.py in any subdirectory handles that directory's requests
  • Plugins: index.py at the plugin root handles all plugin sub-paths
  • All other .py files → 403 Forbidden (never served, never executed)
  • Scripts must have the executable bit set (chmod +x)

Security

  • Webroot isolation — config.json is outside the webroot (www/), never served
  • CGI off by default — must be explicitly enabled via "cgi": true in config.json
  • Path containment — all resolved paths must stay within their base directory. Symlinks are followed but the resolved target is checked for containment.
  • Plugin allowlist — only directories explicitly registered in config.json are served; must be inside workspace
  • CGI restricted to index.py — no arbitrary script execution; plugin CGI requires SHA-256 hash in config.json. Webroot CGI does not require a hash (webroot files are under your direct control)
  • All .py files blocked except index.py entry points (not served as text, not executed)
  • Host allowlist — optional allowed_hosts restricts which Host headers are accepted
  • Token auth — optional bearer token via --token flag or config.json. Browser clients visit ?token=SECRET once → session cookie set → all subsequent navigation works. API clients use Authorization: Bearer \x3Ctoken> header.
  • Path traversal protection — all paths resolved and validated before serving
  • Default bind: 127.0.0.1 (loopback only). LAN access via --host 0.0.0.0 requires both token auth and allowed_hosts in config.json.

Workspace Detection

The server auto-detects the workspace by walking up from $PWD (or the script location) looking for a skills/ directory. The detected path is printed on startup so you can verify it.

To skip autodiscovery, set INTRANET_WORKSPACE to the workspace root:

INTRANET_WORKSPACE=/path/to/workspace python3 scripts/intranet.py start

Notes

  • All state files are inside the workspace:
    • Config: {workspace}/intranet/config.json
    • PID: {workspace}/intranet/.pid
    • Runtime: {workspace}/intranet/.conf
    • Webroot: {workspace}/intranet/www/
  • No files are written outside the workspace
  • 30-second timeout on CGI execution (when enabled)
Usage Guidance
This skill appears to do exactly what it says: run a local HTTP server that serves files and — optionally — runs index.py as CGI. Before using it: 1) Only enable CGI if you trust the code placed in the webroot or plugin roots (index.py runs arbitrary code). 2) If exposing the server beyond localhost, configure a strong token and populate allowed_hosts as documented. 3) Understand that the server writes PID/config files inside the workspace and may follow symlinks (but checks resolved containment). 4) Review and run the included scripts from a safe workspace; because the skill includes executable code, run it only on systems and directories you control.
Capability Analysis
Type: OpenClaw Skill Name: intranet Version: 3.2.7 The bundle implements a local HTTP server ('intranet') with CGI and plugin support. It features robust security controls including path traversal protection via path resolution, mandatory token authentication for non-loopback bindings, host allowlisting, and SHA-256 hash verification for plugin-based CGI scripts (scripts/intranet_web.py). The code is well-structured, lacks obfuscation, and its high-risk capabilities (CGI execution) are explicitly controlled, restricted to 'index.py' files, and aligned with the stated purpose.
Capability Assessment
Purpose & Capability
Name/description (local HTTP server with plugins and CGI) matches the included scripts and SKILL.md commands. Required binary (python3) is appropriate and no unrelated credentials, system paths, or external services are requested.
Instruction Scope
SKILL.md instructs the agent to run the provided intranet.py start/stop/status commands and to place config and webroot under the workspace. The instructions and the code reference only workspace-located files and optional INTRANET_WORKSPACE override. CGI execution is explicitly gated and documented. No instructions ask the agent to read unrelated system config or exfiltrate data.
Install Mechanism
This is an instruction-and-code skill with two included Python scripts and no install spec — the code will be run directly from the skill bundle. That's expected for a lightweight Python server, but it means the included scripts will execute on the host if started, so review them (done here) and run only in trusted contexts.
Credentials
No environment variables or external credentials are required by the skill. The only environment variable supported is INTRANET_WORKSPACE to override workspace autodiscovery — that is reasonable and documented.
Persistence & Privilege
The skill does not request always:true and is user-invokable only. It writes state (PID, .conf, config.json, runtime files) under the detected workspace directory only, which aligns with its function.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install intranet
  3. After installation, invoke the skill by name or use /intranet
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v3.2.7
Make session cookies deterministic so they survive server restarts
v3.2.6
Address security report: log workspace on startup, add INTRANET_WORKSPACE env override, fix plugin path docs, document webroot CGI hash policy
v3.2.5
fix: use /Users/oliver/clawd for workspace root to preserve symlink paths
v3.2.4
Fix plugin static files, add HEAD support
v3.2.3
- Bump version to 3.2.3. - Documentation or metadata updates in SKILL.md. - No functional or code changes described.
v3.2.2
- Bumped version to 3.2.2. - Documentation only: updated SKILL.md with no functional or behavioral changes.
v3.2.1
- Bumped version to 3.2.1. - Minor documentation updates in SKILL.md; no functional changes.
v3.2.0
**Security model revised to allow symlinks but enforce strict path containment.** - Updated security: symlinks are now allowed in static paths, but all resolved file and directory targets must remain within their base directory (webroot or plugin). - Added "Path containment" policy to the documentation, replacing the previous blanket symlink rejection. - Tightened path validation logic in static file serving and directory listings for improved safety. - No changes to the plugin, CGI, or token/auth subsystems.
v3.1.3
- Updated version to 3.1.3. - Removed mention of plugin CGI hash verification from the main description for clarity.
v3.1.2
- Revised security description: symlinks are now only rejected in static file request paths; plugin CGI index.py scripts may be symlinks if their SHA-256 matches the configured hash. - Updated description for clarity on symlink handling and plugin CGI behavior. - No functional changes; documentation update only.
v3.1.1
- Clarified language in the description: symlinks now described as "fully rejected". - No functional changes; documentation wording update only.
v3.1.0
**Plugin security and config upgraded with hash-verified CGI support.** - Plugins now support two config formats: simple (static only) and extended with a required SHA-256 hash for CGI. - Plugin CGI execution requires a `hash` field in config.json; only `index.py` matching the registered hash is executable. - Plugins without `hash` are always static-only, even if CGI is enabled globally. - Updated documentation to describe new plugin config formats and security implications. - Ensures safer plugin execution by tightly restricting when CGI can run in plugins.
v3.0.2
- Hardened symlink handling: any symlink in the request path is now strictly blocked (403 Forbidden), not just skipped in directory listings. - Updated documentation to clarify the new strict symlink rejection for all request paths.
v3.0.1
- Updated symlink security: directory listings now hide symlinks, and server blocks any symlinks pointing outside the webroot or workspace using strict path resolution. - All state files (config, PID, runtime) are now stored within the workspace directory—no files are written outside it. - Improved documentation to clarify symlink handling, storage locations, and security guarantees. - Patch release; no API or command changes.
v3.0.0
Major update: introduces workspace-based directory layout and enables CGI only via explicit config. - New mandatory directory layout: webroot is now {workspace}/intranet/www/, with config isolated in {workspace}/intranet/config.json and never served over HTTP. - CGI execution now disabled by default; must be explicitly enabled via "cgi": true in config.json. - Updated plugin paths: must be inside the workspace directory. - Removed INTRANET_TOKEN environment variable from requirements; config file or command line usage only. - Improved security: config is outside webroot, and CGI entry points remain restricted to executable index.py files. - Updated documentation to reflect config location, webroot changes, and CGI enablement.
v2.2.0
- Default bind address changed to 127.0.0.1 (loopback only) for improved security. - LAN access now requires both token authentication and an allowed_hosts setting in config.json, and must specify --host 0.0.0.0. - Updated command documentation to clarify LAN usage and security requirements. - Improved and clarified the security documentation throughout SKILL.md and SETUP.md.
v2.1.1
- Added INTRANET_TOKEN to required environment variables in metadata. - Bumped version to 2.1.1.
v2.1.0
- Root web directory is now fixed to `{workspace}/intranet/` and is no longer configurable. - All plugin directories must be located inside the workspace for added security. - Updated documentation to reflect removal of `--dir` and `INTRANET_DIR` options. - Minor clarifications in security and usage notes.
v2.0.3
- Bumped version to 2.0.3. - Documentation updated in SKILL.md (no functional or feature changes indicated).
v2.0.2
- Directory listings now skip symlinks for improved security. - Documentation updated to reflect that symlinks are omitted in directory views. - Minor metadata cleanup; removed unused environment requirements.
Metadata
Slug intranet
Version 3.2.7
License MIT-0
All-time Installs 2
Active Installs 2
Total Versions 28
Frequently Asked Questions

What is Intranet?

Lightweight local HTTP file server with plugin support. Serves static files from a webroot, mounts plugin directories at URL prefixes via config, and runs in... It is an AI Agent Skill for Claude Code / OpenClaw, with 1372 downloads so far.

How do I install Intranet?

Run "/install intranet" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Intranet free?

Yes, Intranet is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Intranet support?

Intranet is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Intranet?

It is built and maintained by Oliver Drobnik (@odrobnik); the current version is v3.2.7.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments