openclaw-egressNetwork data loss prevention for agent workspaces. Scans skills and files for outbound URLs, data exfiltration endpoints, suspicious domains, and network function calls. Maps every external connection. Free alert layer β upgrade to openclaw-egress-pro for blocking, quarantine, and URL allowlists.
Install via ClawdBot CLI:
clawdbot install AtlasPA/openclaw-egressNetwork DLP for agent workspaces. Scans skills and files for outbound URLs, data exfiltration endpoints, and network function calls.
Skills can phone home. A compromised skill can POST your workspace contents, API keys, or conversation history to an external server. Nothing monitors what URLs your skills connect to or what data they could send.
Scan workspace for all outbound network risks.
python3 {baseDir}/scripts/egress.py scan --workspace /path/to/workspacepython3 {baseDir}/scripts/egress.py scan --skills-only --workspace /path/to/workspaceList all external domains referenced in workspace.
python3 {baseDir}/scripts/egress.py domains --workspace /path/to/workspacepython3 {baseDir}/scripts/egress.py status --workspace /path/to/workspace| Risk | Pattern |
|------|---------|
| CRITICAL | Base64/hex payloads in URLs, pastebin/sharing services, request catchers, dynamic DNS |
| HIGH | Network function calls (requests, urllib, curl, wget, fetch), webhook/callback URLs |
| WARNING | Suspicious TLDs (.xyz, .tk, .ml), URL shorteners, IP address endpoints |
| INFO | Any external URL not on the safe domain list |
0 β Clean1 β Network calls detected (review needed)2 β Exfiltration risk detected (action needed)Python standard library only. No pip install. No network calls. Everything runs locally.
Works with OpenClaw, Claude Code, Cursor, and any tool using the Agent Skills specification.
Generated Mar 1, 2026
AI development teams use this skill to scan their workspace for unauthorized network calls before deploying new skills. It helps prevent data leaks from compromised or malicious skills by detecting exfiltration attempts early in the development cycle.
Financial institutions integrate this skill into their AI agent workflows to ensure compliance with data protection regulations. It scans for risky URLs and network function calls, providing exit codes that trigger alerts for immediate review of potential data breaches.
Healthcare organizations use this skill to monitor AI agents handling sensitive patient data. It detects outbound URLs and network risks, helping to safeguard against unauthorized data sharing and ensuring adherence to HIPAA or similar privacy standards.
Educational institutions deploy this skill to scan AI-powered teaching assistants and tools for hidden network calls. It identifies risks like pastebin links or dynamic DNS endpoints, protecting student data and maintaining a secure learning environment.
E-commerce platforms use this skill to audit AI agents that process customer transactions and data. It scans for suspicious TLDs and webhook URLs, helping to prevent fraud and data exfiltration that could compromise payment information.
Offer this skill as part of a subscription-based security service for AI development teams. Provide regular updates and support, with tiered pricing based on scan frequency and workspace size. Revenue is generated through monthly or annual licenses.
Sell custom integrations of this skill into large organizations' existing AI infrastructure. Offer consulting services for setup, training, and ongoing monitoring, with revenue from one-time project fees and retainer contracts for support.
Provide a free version of the skill for basic scanning, with premium features like advanced reporting, historical data analysis, and priority support. Monetize through upgrades and add-ons, targeting individual developers and small teams.
π¬ Integration Tip
Ensure Python3 is installed on the target system and set the correct workspace path in commands for seamless local execution without external dependencies.
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
Helps users discover and install agent skills when they ask questions like "how do I do X", "find a skill for X", "is there a skill that can...", or express interest in extending capabilities. This skill should be used when the user is looking for functionality that might exist as an installable skill.
Search and analyze your own session logs (older/parent conversations) using jq.
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linking related objects, enforcing constraints, planning multi-step actions as graph transformations, or when skills need to share state. Trigger on "remember", "what do I know about", "link X to Y", "show dependencies", entity CRUD, or cross-skill data access.
Ultimate AI agent memory system for Cursor, Claude, ChatGPT & Copilot. WAL protocol + vector search + git-notes + cloud backup. Never lose context again. Vibe-coding ready.
Headless browser automation CLI optimized for AI agents with accessibility tree snapshots and ref-based element selection