
LuLu CLI

Author: Willem Pienaar · GitHub ↗ · v0.2.0 · MIT-0
darwin ⚠ suspicious
Total downloads: 256 · Favorites: 0 · Current installs: 0 · Versions: 2
Install in OpenClaw
/install lulu-cli
Description
Manage LuLu macOS firewall rules from the command line. Use when connections are blocked, domains need allowing/blocking, or firewall rules need reviewing. P...
Usage instructions (SKILL.md)

LuLu Firewall CLI

CLI for managing LuLu macOS firewall rules. LuLu is a free, open-source macOS firewall that blocks unknown outgoing connections.

Requires: macOS 13+, LuLu installed, sudo for write operations.

When to Use This Skill

  • A network request fails and you suspect it's being blocked by the firewall
  • You need to allow a new domain or service through the firewall
  • You want to audit what's currently allowed or blocked
  • You need to clean up stale or unnecessary rules
  • You're setting up a new machine and need to configure firewall rules

How LuLu Works

LuLu runs as a macOS system extension. When configured in passive mode with new connections defaulting to block, any unrecognized outbound connection is silently blocked and logged as a passive rule.

  • Rules live in /Library/Objective-See/LuLu/rules.plist (NSKeyedArchiver binary format, owned by root)
  • The CLI reads/writes this file directly using the same serialization format as LuLu
  • The system extension only reads rules at startup, so reload (kill + auto-restart) is needed after changes
  • New blocks from passive mode appear immediately in recent without needing a reload

Core Workflow

Most usage follows this pattern:

  1. Diagnose -- check what's being blocked
  2. Fix -- add allow rules for legitimate domains
  3. Apply -- reload the extension

# 1. Check recent blocks
lulu-cli recent 10

# 2. Allow the blocked domain
sudo lulu-cli add --key '*' --path '*' --action allow --addr api.example.com --port 443

# 3. Apply
sudo lulu-cli reload

Commands

list [filter]

List all firewall rules. Optionally filter by keyword (matches key or binary path).

lulu-cli list              # all rules
lulu-cli list curl         # rules for curl
lulu-cli list node         # rules for node
lulu-cli list '*'          # global/wildcard rules only

No sudo required.

recent [N]

Show the N most recent block rules, sorted by creation date (newest first). Default: 20.

lulu-cli recent            # last 20 blocks
lulu-cli recent 5          # last 5 blocks

No sudo required. This is the first command to run when diagnosing connection failures.

add

Add a new firewall rule. Requires sudo.

Flags:

  • --key KEY -- signing identity (e.g. com.apple.curl) or * for global
  • --path PATH -- binary path or * for global
  • --action allow|block -- rule action
  • --addr ADDR -- domain, IP, or regex pattern (default: *)
  • --port PORT -- port number or * for any (default: *)
  • --regex -- treat --addr as a regex pattern

# Allow a domain globally (all apps)
sudo lulu-cli add --key '*' --path '*' --action allow --addr example.com --port 443

# Allow a domain and all subdomains (regex)
sudo lulu-cli add --key '*' --path '*' --action allow \
  --addr '^(.+\.)?example\.com$' --port '*' --regex

# Allow for a specific app only
sudo lulu-cli add --key "/usr/bin/curl" --path /usr/bin/curl \
  --action allow --addr example.com --port 443

# Block a domain
sudo lulu-cli add --key '*' --path '*' --action block --addr malicious.com --port '*'

delete

Delete rule(s) by key. Requires sudo.

Flags:

  • --key KEY -- required
  • --uuid UUID -- specific rule UUID. If omitted, deletes ALL rules for the key.

# Delete a specific rule by UUID
sudo lulu-cli delete --key "com.apple.curl" --uuid "A1B2C3D4-..."

# Delete ALL rules for a key
sudo lulu-cli delete --key "com.apple.curl"

delete-match

Delete rules matching specific criteria. Requires sudo.

Flags:

  • --key KEY -- required
  • --action allow|block -- optional filter
  • --addr ADDR -- optional filter
  • --port PORT -- optional filter

# Delete all block rules on port 53 for curl
sudo lulu-cli delete-match --key "com.apple.curl" --action block --port 53

enable / disable

Toggle a rule's enabled state. Requires sudo.

Flags:

  • --key KEY -- required
  • --uuid UUID -- required

sudo lulu-cli enable --key '*' --uuid A1B2C3D4-...
sudo lulu-cli disable --key '*' --uuid A1B2C3D4-...

reload

Restart the LuLu system extension to apply rule changes. Requires sudo.

sudo lulu-cli reload

Kills the extension process. macOS auto-restarts registered system extensions within ~8 seconds. There is a brief gap in filtering during the restart.

Always run reload after add, delete, enable, or disable.

help

Show usage information.

lulu-cli help

Key Concepts

  • key: Signing identity (e.g. com.apple.curl) or binary path for unsigned apps. Use * for global rules that apply to all apps.
  • action: allow or block
  • addr: Domain name, IP address, regex pattern, or * (any)
  • port: Port number or * (any)
  • type: default (system), apple, user (manually created), passive (auto-created from blocked connections)
  • Global rules: key=* and path=* apply to all applications

Rule Policy: Allow-All vs Domain Allowlist

Not all processes should get unrestricted internet access. When using LuLu as a security boundary for AI agents:

Allow-all (addr=* port=*) -- Only for processes the agent cannot invoke:

  • Apple system daemons (apsd, mDNSResponder, trustd, ocspd, etc.)
  • User-only apps (Raycast, Zed, LuLu, Bitwarden CLI)
  • Network infrastructure (Tailscale, ssh)

Domain allowlist only -- Any process an agent could use to reach the internet:

  • node (Claude Code, OpenClaw runtime)
  • python / uv (agent scripts)
  • curl (command-line HTTP)
  • git / gh (could push to arbitrary remotes)
  • Browser helpers (agent browser automation)

When in doubt, leave a process restricted to the domain allowlist. It's easy to add an allow-all later; harder to notice data leaking through an over-permissive rule.
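
A pre-flight check an operator could put in front of lulu-cli add to enforce the policy above. This is an added example, not code from lulu-cli or the skill's author; the function names, the AGENT_BINARIES list and the backup location are assumptions, and it uses only the add and reload commands and flags documented on this page.

```bash
# Added example (not part of lulu-cli). AGENT_BINARIES is an assumed list
# taken from the page's "Domain allowlist only" group.
AGENT_BINARIES="node python uv curl git gh"
RULES=/Library/Objective-See/LuLu/rules.plist
# Returns 0 if the rule is acceptable, 1 (with a reason on stderr) if not.
lulu_policy_check() {
  local key='' path='' action='' addr='*' port='*' regex=0 b
  while [ $# -gt 0 ]; do
    case "$1" in
      --regex) regex=1; shift; continue ;;
      --key|--path|--action|--addr|--port)
        [ $# -ge 2 ] || { echo "missing value for $1" >&2; return 1; } ;;
      *) echo "unknown flag: $1" >&2; return 1 ;;
    esac
    case "$1" in
      --key) key=$2 ;; --path) path=$2 ;; --action) action=$2 ;;
      --addr) addr=$2 ;; --port) port=$2 ;;
    esac
    shift 2
  done
  [ "$action" = allow ] || return 0   # block rules never widen access
  if [ "$addr" = '*' ]; then
    # Any destination: stricter than the page's addr=* port=* definition,
    # because a single open port is still enough to move data out.
    if [ "$key" = '*' ] || [ "$path" = '*' ]; then
      echo "refused: global allow with addr=* port=$port" >&2; return 1
    fi
    for b in $AGENT_BINARIES; do
      if [ "${path##*/}" = "$b" ]; then
        echo "refused: addr=* for agent-invocable binary $b" >&2; return 1
      fi
    done
  fi
  if [ "$regex" -eq 1 ]; then
    # Assumes the matcher searches rather than full-matches, so an unanchored
    # pattern could match a longer hostname that merely contains the domain.
    case "$addr" in
      '^'*'$') ;;
      *) echo "refused: regex must be anchored with ^ and \$" >&2; return 1 ;;
    esac
  fi
}

# Check, back up the root-owned rules file, write the rule, then reload.
lulu_safe_add() {
  lulu_policy_check "$@" || return 1
  sudo cp -p "$RULES" "$HOME/lulu-rules.$(date +%Y%m%d%H%M%S).plist" || return 1
  sudo lulu-cli add "$@" && sudo lulu-cli reload
}
```

lulu_safe_add takes the same arguments as lulu-cli add; the policy check itself needs neither sudo nor LuLu.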

Troubleshooting

If a connection is failing:

  1. Run lulu-cli recent to see if it was blocked
  2. If yes, add an allow rule for the domain + port (usually 443 for HTTPS)
  3. Run sudo lulu-cli reload to apply
  4. Retry the connection

If the domain doesn't appear in recent, the problem is not the firewall.

Security guidance
This skill appears to be what it claims: a command-line interface for LuLu that will need sudo to change firewall rules. Before installing, verify the Homebrew tap/formula (woop/tap) source to ensure authenticity. When using the CLI: inspect rules with list/recent before making changes, avoid creating global allow rules (addr='*' port='*') unless absolutely necessary, back up /Library/Objective-See/LuLu/rules.plist before writes, and be mindful that reload temporarily gaps filtering. Also be cautious about allowing any automated agent to run privileged sudo operations—require explicit user consent for write actions.
Functional analysis
Type: OpenClaw Skill · Name: lulu-cli · Version: 0.2.0

The skill provides an AI agent with high-privilege access to modify macOS firewall rules via sudo, including the ability to add, delete, and toggle rules for any application. It includes a 'reload' command that kills the LuLu system extension, which the documentation notes creates an 8-second gap in network filtering. While the skill's instructions in SKILL.md include security advice for managing agent network access, the combination of sudo-level system modification and the requirement for a third-party binary from an unverified Homebrew tap (woop/tap/lulu-cli) constitutes a high-risk capability that could be exploited to facilitate data exfiltration or bypass security boundaries.
Capability assessment
Purpose & Capability
Requested binaries (lulu-cli) and the brew install (woop/tap/lulu-cli) directly match the stated purpose of managing LuLu firewall rules. No unrelated credentials, paths, or tools are requested.
Instruction Scope
SKILL.md instructs the agent to read and write the LuLu rules file (/Library/Objective-See/LuLu/rules.plist) and to run reload (kill + auto-restart) — this is expected for a firewall management tool. Note: write actions require sudo and can create broad global allow rules (addr='*', port='*'), which are powerful and could weaken the security boundary if misused.
Install Mechanism
Install uses a Homebrew formula (woop/tap/lulu-cli). Homebrew installs are a normal mechanism, but the tap is a third‑party tap (woop/tap) rather than an official core formula — you may want to verify the tap/formula source before installing.
Credentials
The skill declares no environment variables, secrets, or unrelated config paths. The lack of extra credentials is proportionate to its stated function.
Persistence & Privilege
always:false and no skill-level persistence is requested. The only privilege of note is that write operations require sudo (expected for modifying a root-owned rules file). Autonomous invocation is allowed by default but not elevated by the skill itself.
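How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install lulu-cli
  3. Once installation finishes, call the Skill by name or trigger it with /lulu-cli
  4. Provide the inputs described in the Skill's parameters to get structured output
Version history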
v0.2.0
Remove sudoers documentation to address security flagging
v0.1.0
Initial release
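Metadata
Slug lulu-cli
Version 0.2.0
License MIT-0
Total installs 0
Current installs 0
Historical versions 2
FAQ

What is LuLu CLI?

Manage LuLu macOS firewall rules from the command line. Use when connections are blocked, domains need allowing/blocking, or firewall rules need reviewing. P... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 256 total downloads to date.

How do I install LuLu CLI?

Run the command "/install lulu-cli" in the OpenClaw or Claude Code chat box to install it in one step, with no extra configuration.

Is LuLu CLI free?

Yes. LuLu CLI is completely free and released under the MIT-0 license; it can be freely downloaded, installed, and used.

Which platforms does LuLu CLI support?

LuLu CLI runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (darwin).

Who develops LuLu CLI?

It is developed and maintained by Willem Pienaar (@woop); the current version is v0.2.0.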
