openclaw-egress
v1.0.2智能体工作区网络数据防泄漏。扫描技能与文件的出站URL、外泄端点、可疑域名及网络调用,映射全量外连。免费告警,升级至openclaw-egress-pro可享阻断、隔离与URL白名单。
Sourced from ClawHub,
Authored by AtlasPA
Installation
Please help me install the skill `openclaw-egress` from SkillHub official store.
npx skills add AtlasPA/openclaw-egress
OpenClaw Egress
Network DLP for agent workspaces. Scans skills and files for outbound URLs, data exfiltration endpoints, and network function calls.
The Problem
Skills can phone home. A compromised skill can POST your workspace contents, API keys, or conversation history to an external server. Nothing monitors what URLs your skills connect to or what data they could send.
Commands
Full Scan
Scan workspace for all outbound network risks.
python3 {baseDir}/scripts/egress.py scan --workspace /path/to/workspace
Skills-Only Scan
python3 {baseDir}/scripts/egress.py scan --skills-only --workspace /path/to/workspace
Domain Map
List all external domains referenced in workspace.
python3 {baseDir}/scripts/egress.py domains --workspace /path/to/workspace
Quick Status
python3 {baseDir}/scripts/egress.py status --workspace /path/to/workspace
What It Detects
| Risk | Pattern |
|---|---|
| CRITICAL | Base64/hex payloads in URLs, pastebin/sharing services, request catchers, dynamic DNS |
| HIGH | Network function calls (requests, urllib, curl, wget, fetch), webhook/callback URLs |
| WARNING | Suspicious TLDs (.xyz, .tk, .ml), URL shorteners, IP address endpoints |
| INFO | Any external URL not on the safe domain list |
Exit Codes
0— Clean1— Network calls detected (review needed)2— Exfiltration risk detected (action needed)
No External Dependencies
Python standard library only. No pip install. No network calls. Everything runs locally.
Cross-Platform
Works with OpenClaw, Claude Code, Cursor, and any tool using the Agent Skills specification.