wireguardConfigure WireGuard VPN tunnels with secure routing and key management.
Install via ClawdBot CLI:
clawdbot install ivangdavila/wireguardRequires:
AllowedIPs means different things on each side — server: what peer CAN send; client: what to ROUTE through tunnel0.0.0.0/0 routes ALL traffic including tunnel endpoint — breaks connectivity, must exclude server's public IP first/32 for single host, /24 for subnet, verify carefullyPersistentKeepalive = 25 breaks NAT traversal — peer behind NAT unreachable after ~2 minutesDNS = in client config, DNS queries bypass tunnel — leaks real IP to DNS provider0.0.0.0/0) without DNS config = false sense of security — traffic tunneled but DNS exposedwg set for live changes without dropping connectionswg syncconf applies changes without restart — but config file format differs from wg.conf (use wg-quick strip)wg show displays handshake timestamps — stale handshake (>2 min) means connection dead despite interface upGenerated Mar 1, 2026
Secure remote access for employees working from home or traveling, ensuring all internet traffic is routed through the company network. This prevents data leaks and provides access to internal resources while maintaining security policies.
Connecting cloud instances across AWS, Azure, and Google Cloud with encrypted tunnels for secure inter-cloud communication. This creates a unified network fabric while maintaining security boundaries between different cloud providers.
Managing distributed IoT devices with secure VPN tunnels for configuration updates and data collection. This ensures encrypted communication between field devices and central management systems while preventing unauthorized access.
Connecting remote branch offices to headquarters with encrypted tunnels for secure data transfer and resource sharing. This replaces expensive leased lines with secure internet-based connections while maintaining performance.
Creating isolated development and testing environments with secure VPN access for distributed teams. This allows developers to access staging servers and test environments securely from anywhere while maintaining network segmentation.
Offering WireGuard VPN as a managed service with configuration, monitoring, and support. This includes automated key rotation, performance monitoring, and 24/7 support for business clients who need reliable VPN without in-house expertise.
Selling pre-configured hardware or virtual appliances with WireGuard optimized for specific use cases. This includes routers, firewalls, or dedicated VPN servers with simplified management interfaces and enterprise features.
Providing professional services for WireGuard deployment, including architecture design, configuration, security auditing, and staff training. This targets organizations migrating from legacy VPN solutions or implementing complex multi-site networks.
💬 Integration Tip
Always test routing configurations thoroughly before deployment, as AllowedIPs misconfigurations are the most common cause of connectivity issues. Use wg show to verify handshakes and monitor connection status.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible - new checks can be added by updating this skill's knowledge.
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
Security check for ClawHub skills powered by Koi. Query the Clawdex API before installing any skill to verify it's safe.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.