← 返回 Skills 市场
30
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install picoclaw-traffic-guardian
功能描述
Picoclaw runtime traffic monitoring baseline for lightweight AI gateway proxy inspection, egress detection, and posture integration.
使用说明 (SKILL.md)
Picoclaw Traffic Guardian
This is a baseline specification skill. It intentionally does not ship a proxy or runtime implementation yet.
Scope
Builders should use this skill as the Picoclaw landing zone for runtime traffic monitoring:
- lightweight AI gateway HTTP proxy inspection
- optional HTTPS inspection with per-process CA trust
- outbound exfiltration detection
- inbound injection detection
- redacted local threat logs
- profile export for
picoclaw-security-guardian
Do not add proxy runtime ownership to picoclaw-security-guardian or picoclaw-self-pen-testing. Those skills should profile, drift-check, or review this monitor's status, not run it.
Safety Contract
- Opt-in only.
- Detect-and-log by default.
- No automatic system CA installation.
- No global proxy environment changes.
- No blocking in the first implementation.
- Redact secrets before logs, summaries, or profile outputs.
- Keep all state under
PICOCLAW_TRAFFIC_GUARDIAN_HOMEor$PICOCLAW_HOME/security/clawsec/traffic-guardian.
Builder Entry Points
Read SPEC.md before implementing. Use the placeholder folders as follows:
| Path | Intended use |
|---|---|
lib/ |
Detector rules, redaction, profile export, report formatting |
scripts/ |
Start, stop, status, config validation, log query, profile export helpers |
test/ |
Unit tests, proxy fixture tests, redaction tests, profile integration tests |
Required First Implementation Behavior
- Validate config without starting the proxy.
- Start monitor in foreground or explicit background mode.
- Scope proxy environment variables to the target Picoclaw gateway process.
- Inspect HTTP request/response text up to a bounded byte limit.
- Support optional HTTPS MITM only when the operator supplies per-process trust configuration.
- Emit JSONL findings with redacted snippets.
- Export a small profile fragment that
picoclaw-security-guardiancan include in deterministic posture profiles.
Out of Scope for v0.0.1 Implementation
- automatic system trust-store mutation
- transparent network interception
- default blocking
- sending traffic to external services
- collecting full request/response bodies
安全使用建议
This version appears safe as a spec scaffold, but treat any future runtime implementation carefully: review its source, enable it only for intended Picoclaw gateway processes, avoid system-wide CA or proxy changes, and verify redaction before storing traffic findings.
功能分析
Type: OpenClaw Skill
Name: picoclaw-traffic-guardian
Version: 0.0.1-beta1
This bundle is a specification scaffold and architectural baseline for a traffic monitoring tool (Picoclaw Traffic Guardian). It contains no executable code, only documentation and directory placeholders (lib/, scripts/, test/). The instructions and specifications in SKILL.md and SPEC.md focus on defensive security monitoring with explicit safety constraints, such as mandatory secret redaction, opt-in usage, and a prohibition on automatic system-wide configuration changes.
能力标签
能力评估
Purpose & Capability
The stated purpose and artifacts are coherent: a Picoclaw traffic-monitoring baseline that may later inspect HTTP/HTTPS gateway traffic for exfiltration and injection. That future capability is sensitive, but it is clearly disclosed and bounded as opt-in, detect-and-log, and non-blocking in this release.
Instruction Scope
The instructions are builder-facing and emphasize safety limits: no automatic system CA installation, no global proxy changes, no default blocking, redaction before persistence, and no external traffic-sharing.
Install Mechanism
There is no install spec and no code, so the current package cannot perform runtime monitoring. The package is also a beta scaffold with unknown source/provenance, so any future implementation should be reviewed before use.
Credentials
The planned environment access is proportionate for a traffic monitor, but sensitive: it would proxy operator-scoped Picoclaw gateway traffic and optionally inspect HTTPS with per-process trust configuration.
Persistence & Privilege
The artifacts plan local JSONL findings and profile fragments, with state kept under a dedicated Picoclaw Traffic Guardian home path and no scheduler or automatic system trust-store changes.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install picoclaw-traffic-guardian - 安装完成后,直接呼叫该 Skill 的名称或使用
/picoclaw-traffic-guardian触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.0.1-beta1
Release 0.0.1-beta1 via CI
元数据
常见问题
picoclaw-traffic-guardian 是什么?
Picoclaw runtime traffic monitoring baseline for lightweight AI gateway proxy inspection, egress detection, and posture integration. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 30 次。
如何安装 picoclaw-traffic-guardian?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install picoclaw-traffic-guardian」即可一键安装,无需额外配置。
picoclaw-traffic-guardian 是免费的吗?
是的,picoclaw-traffic-guardian 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
picoclaw-traffic-guardian 支持哪些平台?
picoclaw-traffic-guardian 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 picoclaw-traffic-guardian?
由 davida-ps(@davida-ps)开发并维护,当前版本 v0.0.1-beta1。
推荐 Skills