Clawxrouter
Pass
Audited by ClawScan on Mar 30, 2026.
Overview
The plugin's code, prompts, and runtime behavior are consistent with a privacy-aware edge/cloud routing plugin; nothing in the bundle is obviously trying to do something unrelated, but there are a few operational risks and choices you should review before installing.
This plugin is internally coherent with its privacy-routing purpose, but review a few operational risks before installing:

- Review and customize the default config (config.example.json) before enabling: S2/S3 rules, listed sensitive paths, s2Policy (proxy vs local), and proxyPort. Defaults write to ~/.openclaw and create a guard workspace.
- Confirm where the privacy proxy listens (default localhost:8403) and ensure only trusted local processes can access it; if the host binds to non-local interfaces, that could expose forwarded content.
- Check how external services are used: token-saver/judgeEndpoint points to openrouter.ai in the shipped example. Decide whether task-judging or other remote calls are allowed for your environment, and ensure PII redaction is enabled for any classifier that forwards content externally.
- Verify that provider API keys stored in the OpenClaw config (api.config / models.providers.*.apiKey) are acceptable to be read/used by this plugin; the proxy may need those keys to forward requests.
- Understand guard-agent isolation: prompts in prompts/ are designed for the local guard agent; confirm the plugin runs those in an isolated guard process and that guard history is stored under the plugin's workspace (not merged into global, unless you choose to).
- Test on non-sensitive data first to confirm redaction/routing behavior is what you expect.

If you want, I can point out specific files/lines to review (e.g., privacy-proxy and provider code paths) or produce a checklist of settings to change before enabling.
