clawwall

Outbound DLP for OpenClaw — hard regex blocks secrets & PII from leaving the machine. Domain control, no LLM.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "clawwall" with this command: npx skills add Stanxy/clawwall

ClawWall — Outbound DLP for OpenClaw

GitHub: https://github.com/Stanxy/clawguard Release: https://github.com/Stanxy/clawguard/releases/tag/v0.2.1 PyPI: https://pypi.org/project/clawwall

ClawWall sits between your AI agent and the outside world. Every outbound tool call is intercepted and scanned against 60+ hard-coded patterns before anything leaves the machine. If content matches — it is blocked or redacted. No LLM, no approximation: regex and entropy only.

Trust & Permissions

Be aware of what this installs:

  • A local Python service (port 8642) that receives every outbound tool call for scanning
  • An OpenClaw plugin that hooks before_tool_call — all outbound content passes through it
  • A local SQLite database that stores scan findings metadata

What the database stores: finding type, severity, position offsets, action taken, and duration. It never stores raw content, secrets, or PII values.

What it does NOT do: no telemetry, no external connections, no data leaves the machine. The service is fully local.

Plugin registration is manual — nothing is auto-installed into OpenClaw. You must explicitly add the plugin to your config (see below).

Installation

Prerequisites

  • Python 3.10+, pip
  • Node.js + npm (for the OpenClaw plugin only)

1. Install the ClawWall service (PyPI)

pip install clawwall==0.2.1

Verify the SHA256 of the downloaded wheel if you want to confirm integrity:

5939d375c724771931e92e88be2b2f11cd27a4eec095af95cb6923b61220c65f  clawwall-0.2.1-py3-none-any.whl
1e1ecae39bb4d351f0e503501e2615814c5c0cd0f822998f5648fa74eb1de5c2  clawwall-0.2.1.tar.gz

Or clone at the pinned release tag:

git clone --branch v0.2.1 https://github.com/Stanxy/clawguard.git
cd clawguard && pip install .

2. Start the service

clawwall

Or via Python:

python -m clawguard

Service starts on http://localhost:8642. Dashboard at http://localhost:8642/dashboard.

3. Install the OpenClaw plugin (manual)

git clone --branch v0.2.1 https://github.com/Stanxy/clawguard.git
cd clawguard/openclaw-integration/clawguard-plugin
npm install && npm run build

Then manually add to your OpenClaw config:

{
  "plugins": {
    "clawwall": {
      "path": "/path/to/clawguard/openclaw-integration/clawguard-plugin/dist/index.js",
      "config": {
        "serviceUrl": "http://127.0.0.1:8642",
        "blockOnError": false,
        "timeoutMs": 5000
      }
    }
  }
}

Set blockOnError: true to fail-closed (block all tool calls if the service is unreachable). Set blockOnError: false (default) to fail-open (allow calls through if the service is down).

4. (Optional) Install this skill

clawhub install clawwall

Configuration

Environment variables (all prefixed CLAWGUARD_):

VariableDefaultDescription
CLAWGUARD_HOST0.0.0.0Bind address
CLAWGUARD_PORT8642Port
CLAWGUARD_DATABASE_URLsqlite+aiosqlite:///clawwall.dbDatabase path
CLAWGUARD_POLICY_PATHconfig/default_policy.yamlPolicy file
CLAWGUARD_LOG_LEVELINFOLog verbosity

What ClawWall Detects

  • Secrets (51 patterns): AWS, GCP, Azure, GitHub, Stripe, Slack, PayPal, Square, SSH/PGP private keys, database URIs, JWT tokens, and more
  • PII (10 patterns): SSNs, credit cards (Luhn-validated), emails, phone numbers, IP addresses
  • Entropy analysis: high-entropy strings that don't match any known pattern

Policy

Default policy (config/default_policy.yaml) blocks all findings:

default_action: BLOCK      # BLOCK | REDACT | ALLOW
redaction:
  strategy: mask           # mask | hash | remove
  mask_char: "*"
  mask_preserve_edges: 4
destination_allowlist: []  # bypass scanning for trusted destinations
destination_blocklist: []  # always reject these destinations
custom_patterns: []        # add your own regex patterns
disabled_patterns: []      # disable specific built-in patterns by name

API Quick Start

curl -s -X POST http://localhost:8642/api/v1/scan \
  -H "Content-Type: application/json" \
  -d '{"content": "key=AKIAIOSFODNN7EXAMPLE", "destination": "api.example.com"}'

Response:

{
  "action": "BLOCK",
  "findings": [{
    "finding_type": "aws_access_key_id",
    "severity": "CRITICAL",
    "redacted_snippet": "AKIA************MPLE"
  }],
  "duration_ms": 2.1
}

Agent Instructions

You are operating behind ClawWall. All outbound tool calls are scanned before leaving the machine using hard pattern matching — not an LLM.

ResultMeaning
ALLOWNo sensitive data detected — call went through
REDACTSensitive portions were masked before sending
BLOCKCall rejected — nothing was sent

Best practices:

  • Never include raw API keys, tokens, or PII in outbound calls
  • Reference credentials by name ($OPENAI_API_KEY), not by value
  • If blocked, check findings to see what matched, remove it, and retry
  • False positive? Tell the user to adjust the policy via the dashboard at http://localhost:8642/dashboard

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

Hippo Video

Hippo Video integration. Manage Persons, Organizations, Deals, Leads, Activities, Notes and more. Use when the user wants to interact with Hippo Video data.

Registry SourceRecently Updated
00
membranedev
General

币安资金费率监控

币安资金费率套利监控工具 - 查看账户、持仓、盈亏统计,SkillPay收费版

Registry SourceRecently Updated
0184
yyu812707-wq
General

apix

Use `apix` to search, browse, and execute API endpoints from local markdown vaults. Use this skill to discover REST API endpoints, inspect request/response s...

Registry SourceRecently Updated
0160
dngpng