clawsec/skills/nanoclaw-traffic-guardian/skill.json

{
  "name": "nanoclaw-traffic-guardian",
  "version": "0.0.1-beta3",
  "description": "NanoClaw runtime traffic monitoring baseline for host-side proxy inspection with container-safe MCP and IPC status surfaces.",
  "author": "prompt-security",
  "license": "AGPL-3.0-or-later",
  "homepage": "https://clawsec.prompt.security/",
  "platform": "nanoclaw",
  "keywords": [
    "security",
    "nanoclaw",
    "traffic-monitoring",
    "egress",
    "exfiltration",
    "injection",
    "proxy",
    "mitm",
    "mcp",
    "container"
  ],
  "sbom": {
    "files": [
      {
        "path": "SKILL.md",
        "required": true,
        "description": "NanoClaw traffic guardian skill instructions and operating model"
      },
      {
        "path": "README.md",
        "required": true,
        "description": "Human-oriented overview and builder handoff notes"
      },
      {
        "path": "CHANGELOG.md",
        "required": true,
        "description": "Version history and baseline release notes"
      },
      {
        "path": "SPEC.md",
        "required": true,
        "description": "Implementation specification for NanoClaw runtime traffic monitoring"
      },
      {
        "path": "lib/.gitkeep",
        "required": false,
        "description": "Placeholder for shared detector, type, and report code"
      },
      {
        "path": "host-services/.gitkeep",
        "required": false,
        "description": "Placeholder for host-side monitor lifecycle and IPC handlers"
      },
      {
        "path": "mcp-tools/.gitkeep",
        "required": false,
        "description": "Placeholder for container-side MCP tool definitions"
      }
    ]
  },
  "capabilities": [
    "Spec baseline for host-side runtime traffic monitoring",
    "MCP status and findings query surface",
    "Container-safe host/container IPC boundary",
    "Optional HTTPS inspection with explicit per-runtime trust",
    "Redacted local threat logging"
  ],
  "nanoclaw": {
    "mcp_tools": [
      "clawsec_traffic_status",
      "clawsec_traffic_findings",
      "clawsec_traffic_check_config"
    ],
    "requires": {
      "node": ">=18.0.0",
      "nanoclaw": ">=0.1.0"
    },
    "runtime": {
      "required_env": [],
      "optional_env": [
        "NANOCLAW_TRAFFIC_GUARDIAN_HOME",
        "NANOCLAW_TRAFFIC_GUARDIAN_CONFIG",
        "NANOCLAW_TRAFFIC_GUARDIAN_MODE",
        "NANOCLAW_TRAFFIC_GUARDIAN_PROXY_URL",
        "NANOCLAW_TRAFFIC_GUARDIAN_CA_BUNDLE",
        "NANOCLAW_TRAFFIC_GUARDIAN_LOG_DIR",
        "NANOCLAW_TRAFFIC_GUARDIAN_MAX_SCAN_BYTES",
        "NANOCLAW_TRAFFIC_GUARDIAN_REDACT_SNIPPETS"
      ]
    },
    "capabilities": {
      "runtime_traffic_monitoring": "spec_baseline",
      "http_proxy_inspection": "planned",
      "https_mitm_inspection": "planned_optional",
      "egress_exfiltration_detection": "planned",
      "inbound_injection_detection": "planned",
      "mcp_status_tools": "planned",
      "blocking": "future_version"
    },
    "execution": {
      "always": false,
      "persistence": "Spec baseline only. Builders must keep host-side monitoring opt-in and avoid container persistence without explicit operator action.",
      "network_egress": "Future runtime will proxy operator-scoped NanoClaw/WhatsApp-bot traffic. No runtime network behavior is implemented in v0.0.1."
    },
    "operator_review": [
      "Keep proxy runtime on the host side when possible; expose only status and findings into the container.",
      "Do not grant container code access to CA private key material.",
      "Do not install a system-wide CA automatically.",
      "Default to detect-and-log mode; blocking is out of scope for v0.0.1 implementation.",
      "Redact secret snippets before writing logs or exposing MCP responses."
    ],
    "integration": {
      "mcp_tools_dir": "mcp-tools/",
      "host_services_dir": "host-services/",
      "result_channel": "/workspace/ipc/clawsec_results"
    }
  }
}