← 返回 Skills 市场

picoclaw-traffic-guardian

Name: picoclaw-traffic-guardian
Author: davida-ps

作者 davida-ps · GitHub ↗ · v0.0.1-beta3 · MIT-0

cross-platform ✓ 安全检测通过

总下载

当前安装

版本数

在 OpenClaw 中安装

/install clawsec-picoclaw-traffic-guardian

功能描述

Picoclaw runtime traffic monitoring baseline for lightweight AI gateway proxy inspection, egress detection, and posture integration.

使用说明 (SKILL.md)

Picoclaw Traffic Guardian

This is a baseline specification skill. It intentionally does not ship a proxy or runtime implementation yet.

Vercel Skills Installation

Install with the Vercel Skills CLI for this harness:

npx skills add prompt-security/clawsec --skill picoclaw-traffic-guardian -a openclaw -y

Release Artifact Verification

For standalone installs, verify the signed release manifest before trusting SKILL.md, skill.json, or the archive. The skill.json file is the package metadata/SBOM source, and the release pipeline signs checksums.json with the ClawSec release key.

set -euo pipefail

SKILL_NAME="picoclaw-traffic-guardian"
VERSION="0.0.1-beta3"
REPO="prompt-security/clawsec"
TAG="${SKILL_NAME}-v${VERSION}"
BASE="https://github.com/${REPO}/releases/download/${TAG}"
ZIP_NAME="${SKILL_NAME}-v${VERSION}.zip"
TMP_DIR="$(mktemp -d)"
trap 'rm -rf "$TMP_DIR"' EXIT

RELEASE_PUBKEY_SHA256="711424e4535f84093fefb024cd1ca4ec87439e53907b305b79a631d5befba9c8"

curl -fsSL "$BASE/checksums.json" -o "$TMP_DIR/checksums.json"
curl -fsSL "$BASE/checksums.sig" -o "$TMP_DIR/checksums.sig"
curl -fsSL "$BASE/signing-public.pem" -o "$TMP_DIR/signing-public.pem"
curl -fsSL "$BASE/$ZIP_NAME" -o "$TMP_DIR/$ZIP_NAME"
curl -fsSL "$BASE/SKILL.md" -o "$TMP_DIR/SKILL.md"
curl -fsSL "$BASE/skill.json" -o "$TMP_DIR/skill.json"

ACTUAL_PUBKEY_SHA256="$(openssl pkey -pubin -in "$TMP_DIR/signing-public.pem" -outform DER | shasum -a 256 | awk '{print $1}')"
if [ "$ACTUAL_PUBKEY_SHA256" != "$RELEASE_PUBKEY_SHA256" ]; then
  echo "ERROR: signing-public.pem fingerprint mismatch" >&2
  exit 1
fi

openssl base64 -d -A -in "$TMP_DIR/checksums.sig" -out "$TMP_DIR/checksums.sig.bin"
openssl pkeyutl -verify -rawin -pubin \
  -inkey "$TMP_DIR/signing-public.pem" \
  -sigfile "$TMP_DIR/checksums.sig.bin" \
  -in "$TMP_DIR/checksums.json" >/dev/null

hash_file() {
  if command -v shasum >/dev/null 2>&1; then
    shasum -a 256 "$1" | awk '{print $1}'
  else
    sha256sum "$1" | awk '{print $1}'
  fi
}

verify_manifest_file() {
  asset="$1"
  path="$2"
  expected="$(jq -r --arg asset "$asset" '.files[$asset].sha256 // empty' "$TMP_DIR/checksums.json")"
  if [ -z "$expected" ]; then
    echo "ERROR: checksums.json missing $asset" >&2
    exit 1
  fi
  actual="$(hash_file "$path")"
  if [ "$actual" != "$expected" ]; then
    echo "ERROR: checksum mismatch for $asset" >&2
    exit 1
  fi
}

expected_archive="$(jq -r '.archive.sha256 // empty' "$TMP_DIR/checksums.json")"
if [ -z "$expected_archive" ]; then
  echo "ERROR: checksums.json missing archive.sha256" >&2
  exit 1
fi
actual_archive="$(hash_file "$TMP_DIR/$ZIP_NAME")"
if [ "$actual_archive" != "$expected_archive" ]; then
  echo "ERROR: archive checksum mismatch" >&2
  exit 1
fi

verify_manifest_file "SKILL.md" "$TMP_DIR/SKILL.md"
verify_manifest_file "skill.json" "$TMP_DIR/skill.json"

echo "Signed release manifest, archive, SKILL.md, and skill.json verified."

Only install or extract the archive after this verification succeeds.

Scope

Builders should use this skill as the Picoclaw landing zone for runtime traffic monitoring:

lightweight AI gateway HTTP proxy inspection
optional HTTPS inspection with per-process CA trust
outbound exfiltration detection
inbound injection detection
redacted local threat logs
profile export for picoclaw-security-guardian

Do not add proxy runtime ownership to picoclaw-security-guardian or picoclaw-self-pen-testing. Those skills should profile, drift-check, or review this monitor's status, not run it.

Safety Contract

Opt-in only.
Detect-and-log by default.
No automatic system CA installation.
No global proxy environment changes.
No blocking in the first implementation.
Redact secrets before logs, summaries, or profile outputs.
Keep all state under PICOCLAW_TRAFFIC_GUARDIAN_HOME or $PICOCLAW_HOME/security/clawsec/traffic-guardian.

Builder Entry Points

Read SPEC.md before implementing. Use the placeholder folders as follows:

Path	Intended use
`lib/`	Detector rules, redaction, profile export, report formatting
`scripts/`	Start, stop, status, config validation, log query, profile export helpers
`test/`	Unit tests, proxy fixture tests, redaction tests, profile integration tests

Required First Implementation Behavior

Validate config without starting the proxy.
Start monitor in foreground or explicit background mode.
Scope proxy environment variables to the target Picoclaw gateway process.
Inspect HTTP request/response text up to a bounded byte limit.
Support optional HTTPS MITM only when the operator supplies per-process trust configuration.
Emit JSONL findings with redacted snippets.
Export a small profile fragment that picoclaw-security-guardian can include in deterministic posture profiles.

Out of Scope for v0.0.1 Implementation

automatic system trust-store mutation
transparent network interception
default blocking
sending traffic to external services
collecting full request/response bodies

安全使用建议

Before installing, understand that this is a scaffold for a future security monitor that may inspect Picoclaw gateway traffic and could see sensitive content if implemented and enabled. Keep any future runtime opt-in and process-scoped, verify signed release artifacts for standalone installs, and review carefully before enabling HTTPS inspection, background mode, or CA trust changes.

能力标签

cryptorequires-walletrequires-sensitive-credentials

能力评估

ℹ Purpose & Capability

The stated purpose is security traffic monitoring, including future HTTP/HTTPS proxy inspection and exfiltration/injection detection; that is sensitive but coherently disclosed and currently only specified, not implemented.

✓ Instruction Scope

Instructions repeatedly constrain future behavior to opt-in use, detect-and-log defaults, bounded scanning, redacted logs, per-process proxy scope, and no automatic system CA changes.

ℹ Install Mechanism

The skill includes an npx installation command and a standalone verification script that downloads release artifacts from GitHub; this is disclosed and verification-oriented, with no hidden install behavior in the artifact.

✓ Credentials

Requested node/python availability and optional Picoclaw-specific environment variables fit the planned monitoring purpose, and the metadata says no runtime network behavior is implemented in this version.

✓ Persistence & Privilege

The artifacts require local state to remain under explicit Picoclaw traffic-guardian paths, forbid scheduler-style persistence unless operator-applied, and include no executable runtime files.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install clawsec-picoclaw-traffic-guardian
安装完成后，直接呼叫该 Skill 的名称或使用 /clawsec-picoclaw-traffic-guardian 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v0.0.1-beta3

Release 0.0.1-beta3 via CI

元数据

Slug clawsec-picoclaw-traffic-guardian

版本 0.0.1-beta3

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题