← 返回 Skills 市场
85
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install vpn-mesh
功能描述
Turn your OpenClaw agent into a secure VPN exit node. Mesh network for agents to route traffic through peer nodes worldwide.
使用说明 (SKILL.md)
VPN Mesh 🌐
Decentralized VPN network for AI agents. Turn your OpenClaw agent into a secure VPN exit node. Route traffic through peer nodes worldwide with one command.
Install: clawhub install vpn-mesh
Setup: python3 ~/.openclaw/skills/vpn-mesh/scripts/setup.sh
Map: python3 ~/.openclaw/skills/vpn-mesh/scripts/mesh_map.py --html
Quick Start
# 1. Install the skill
clawhub install vpn-mesh
# 2. Setup your node (generates keys, creates config)
python3 ~/.openclaw/skills/vpn-mesh/scripts/setup.sh
# 3. Start the VPN interface (requires WireGuard installed)
sudo wg-quick up ~/.openclaw/vpn-mesh/wg0.conf
# 4. See your node on the map
python3 ~/.openclaw/skills/vpn-mesh/scripts/mesh_map.py --html
Commands
setup — Configure this node
python3 ~/.openclaw/skills/vpn-mesh/scripts/vpn_mesh.py setup
Creates WireGuard keypair, detects your location, creates VPN config.
status — Show node info and connection state
python3 ~/.openclaw/skills/vpn-mesh/scripts/vpn_mesh.py status
Shows:
- Node ID, country, city
- Public key (share this with others)
- Connection status
- Available peers in the mesh
list — Show all mesh nodes
python3 ~/.openclaw/skills/vpn-mesh/scripts/vpn_mesh.py list
Displays all nodes in the network with:
- 🇪🇸 Country flags
- 📍 City and endpoint
- 🔑 Public key (first 30 chars)
connect \x3Cnode_id> — Connect to a specific node
python3 ~/.openclaw/skills/vpn-mesh/scripts/vpn_mesh.py connect node-id
Routes your agent's traffic through the specified peer node.
connect-country \x3CCC> — Connect to a country
python3 ~/.openclaw/skills/vpn-mesh/scripts/vpn_mesh.py connect-country ES
Finds the best available node in the specified country and connects automatically.
Supported countries: ES, GB, US, DE, FR, NL, SE, NO, FI, DK, PL, IT, PT, IE, BE, AT, CH, AU, CA, JP, KR, SG, IN, BR
disconnect — Revert to local routing
python3 ~/.openclaw/skills/vpn-mesh/scripts/vpn_mesh.py disconnect
Stops routing through mesh, returns to normal internet.
pair — Generate/share pairing code
# Generate your pairing code
python3 ~/.openclaw/skills/vpn-mesh/scripts/vpn_mesh.py pair
# Connect using a code (from another node)
python3 ~/.openclaw/skills/vpn-mesh/scripts/vpn_mesh.py pair SPAIN-ABC123
Visual Map
Generate an interactive world map showing all mesh nodes:
# ASCII art map (terminal)
python3 ~/.openclaw/skills/vpn-mesh/scripts/mesh_map.py
# HTML map (open in browser)
python3 ~/.openclaw/skills/vpn-mesh/scripts/mesh_map.py --html
# With demo nodes
python3 ~/.openclaw/skills/vpn-mesh/scripts/mesh_map.py --demo --html
The HTML map shows:
- 🗺️ Interactive world map with node markers
- 📊 Stats: total nodes, countries, avg uptime
- 🔴 Live network status indicator
- 🖧 Node cards with connect buttons
- ✨ Dark theme, smooth animations
Security
Built on WireGuard — the gold standard of VPN security.
Private Key Protection
- Private key generated LOCALLY on your server
- Never transmitted over the network
- Stored with 600 permissions (root only)
- Each node has unique keypair
Peer Authentication
- Only public keys exchanged between peers
- WireGuard handshake usesCurve25519
- Forward secrecy — compromised keys can't decrypt old traffic
- No passwords to brute-force
Network Isolation
- Peers can only access VPN interface, not your local network
- iptables firewall locks down exposed services
- All traffic is encrypted end-to-end
- Compromised peer = revoke their public key, instant lockout
Privacy by Design
- No central server to hack
- No user accounts or auth tokens
- Registry only contains public keys + endpoints
- Even if registry is compromised, attackers get nothing useful
Architecture
┌─────────────────────────────────────────────────────────┐
│ VPN Mesh Network │
│ │
│ ┌─────────┐ ┌─────────┐ ┌─────────┐ │
│ │ Node ES │◄────────►│ Node DE │◄────────►│ Node UK │ │
│ │(Spain) │ │(Germany)│ │(London) │ │
│ └─────────┘ └─────────┘ └─────────┘ │
│ ▲ ▲ ▲ │
│ │ │ │ │
│ ┌────┴────┐ ┌────┴────┐ ┌────┴────┐ │
│ │ Your │ │ Peer │ │ Peer │ │
│ │ Agent │ │ Agent │ │ Agent │ │
│ └─────────┘ └─────────┘ └─────────┘ │
│ │
│ Connect to any country with: │
│ vpn_mesh connect-country ES → Routes through Spain │
│ vpn_mesh connect-country DE → Routes through Germany │
│ vpn_mesh connect-country UK → Routes through UK │
└─────────────────────────────────────────────────────────┘
Use Cases
1. Bypass geo-restrictions
Spain blocks Polymarket → vpn_mesh connect-country GB → Access from UK
2. Route AI agent through specific country
Your agent in Spain → connects to German node → appears in Germany
3. Decentralized privacy
No single company controls the network. Each node is independent.
Traffic routes through peer nodes, not through a corporate VPN.
4. Prediction market access
Access prediction markets blocked in your country by connecting
through a node in a country where they're available.
Registry
Nodes announce themselves to a shared registry (GitHub Gist by default).
Registry format:
{
"node_id": "stigs-umbrel",
"public_key": "abc123...",
"endpoint": "79.116.132.72:51820",
"country": "ES",
"city": "Lanzarote",
"version": "0.3.0",
"uptime": "99%",
"updated": "2026-06-01T20:00:00Z"
}
To use a custom registry:
export VPN_MESH_REGISTRY=https://your-gist/raw/nodes.json
python3 ~/.openclaw/skills/vpn-mesh/scripts/vpn_mesh.py list
Troubleshooting
WireGuard not installed:
sudo apt update && sudo apt install wireguard
Can't connect to peer:
- Verify peer's public key matches
- Check endpoint IP:port is accessible
- Ensure both nodes have WireGuard running
Node not showing on map:
- Check registry.json exists at ~/.openclaw/vpn-mesh/
- Verify public_key is present
- Check last_updated timestamp
Permission denied:
sudo wg-quick up ~/.openclaw/vpn-mesh/wg0.conf
Demo Mode
The skill includes demo nodes to showcase the visualization:
python3 ~/.openclaw/skills/vpn-mesh/scripts/mesh_map.py --demo --html
Shows 6 sample nodes across: Spain, Germany, UK, Netherlands, US, Japan
Files
~/.openclaw/vpn-mesh/
├── registry.json # Your node info
├── private.key # Your private key (KEEP SECRET)
├── public.key # Your public key (share this)
├── wg0.conf # WireGuard config
├── demo_nodes.json # Demo nodes for visualization
└── mesh-map.html # Interactive world map
License
MIT — Free to use, modify, and redistribute. No attribution required.
安全使用建议
Install only if you are prepared to audit and modify it first. Do not publish or share registry.json produced by the Python setup path unless private_key is removed and existing keys are rotated. Expect setup to reveal your public IP/location to ipapi.co, expect registry/map features to contact external services, and review wg0.conf before running sudo wg-quick because it changes firewall and traffic-routing behavior.
能力标签
能力评估
Purpose & Capability
The VPN exit-node purpose explains WireGuard keys, peer registries, routing, and sudo use, but the Python setup path writes the WireGuard private key into registry.json while the documentation says the registry contains only public keys and endpoints.
Instruction Scope
The documentation encourages routing through other countries to bypass restrictions, and registry-selected peers can influence traffic routing without strong trust validation or clear warnings.
Install Mechanism
The declared install mechanism is coherent for WireGuard tooling and no hidden package installation was found, but setup and map generation contact external services and load third-party web assets.
Credentials
External IP and location lookups, public registry fetching, generated NAT/forwarding rules, and VPN traffic routing are plausible for the purpose but not disclosed with enough consent and risk detail for this security-sensitive context.
Persistence & Privilege
The skill creates persistent VPN keys, config, registry, and state under ~/.openclaw/vpn-mesh; private.key and wg0.conf are chmod 600, but registry.json can contain the private key in one setup path and is not similarly protected. The generated config also changes firewall/routing state when activated with wg-quick.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install vpn-mesh - 安装完成后,直接呼叫该 Skill 的名称或使用
/vpn-mesh触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.3.0
Major upgrade: Stunning HTML map, connect-country command, country-based routing, demo nodes, comprehensive docs, security hardening
v0.2.0
Added mesh_map.py with ASCII and HTML visualization. Shows all nodes on world map with country flags and uptime stats.
v0.1.0
Initial release - WireGuard VPN mesh for OpenClaw agents
元数据
常见问题
Vpn Mesh 是什么?
Turn your OpenClaw agent into a secure VPN exit node. Mesh network for agents to route traffic through peer nodes worldwide. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 85 次。
如何安装 Vpn Mesh?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install vpn-mesh」即可一键安装,无需额外配置。
Vpn Mesh 是免费的吗?
是的,Vpn Mesh 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Vpn Mesh 支持哪些平台?
Vpn Mesh 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Vpn Mesh?
由 stigg86(@stigg86)开发并维护,当前版本 v0.3.0。
推荐 Skills