Reverse proxy from internet to open claw
v1.0.1
Connect OpenClaw to the internet via Tailscale Funnel. Use when user says "connect with ecto", "setup ecto connection", "expose openclaw publicly", or "enable external access".
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's stated purpose (expose OpenClaw via Tailscale Funnel) matches what the scripts do. However the registry metadata declares no required binaries or credentials while the scripts require Homebrew, tailscale, openclaw CLI, jq, curl, openssl and sudo. That mismatch (metadata says 'none' but the code clearly needs system tools and privileged actions) is an inconsistency the user should be aware of.
Instruction Scope
The SKILL.md and scripts instruct the agent/user to install software, run sudo tailscale commands (which open a browser for authentication), modify OpenClaw configuration, start background services, create a local credentials file (~/.openclaw/ecto-credentials.json), and provide a helper to package and share those credentials with others. These actions are in-scope for 'expose to internet' but they involve privileged operations and explicit credential exposure/sharing — a high-risk operation that should not be performed blindly.
Install Mechanism
There is no declared install spec in the registry, but the scripts perform network installs at runtime (Homebrew installer via raw.githubusercontent.com and 'brew install tailscale'). The hosts used are well-known (GitHub/Homebrew) rather than obscure URLs, which is expected for this task, but runtime installation of system packages and invoking remote install scripts increases risk and should be reviewed before running.
Credentials
The skill does not request environment variables or external credentials in metadata, which is consistent, but it does require sudo and a Tailscale account and creates a persistent credentials file containing a generated bearer token. It also includes a convenience script to package and share that credentials file with others — functionality that directly exposes access tokens and is disproportionate if users expect limited, local-only behavior.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or global agent settings. It does write files under the user's home directory, starts/stops services, and runs background processes (tailscaled, openclaw gateway) — behavior consistent with its purpose but which requires sudo and persistent runtime presence.
What to consider before installing
What to consider before installing/running:
- This skill will install system software (Homebrew if missing, then Tailscale via brew) and requires sudo to start daemon processes — only run on machines you control. Review the Homebrew installer and any network install commands before executing.
- It will generate and save a bearer token at ~/.openclaw/ecto-credentials.json and configure the OpenClaw gateway to accept password auth. That token grants API access to your OpenClaw instance; do not share it unless you explicitly intend to grant access.
- The package-for-friend helper explicitly copies that credentials file into a shareable folder — this makes it easy to leak access. Prefer sharing transient credentials or revoke/regenerate the token immediately after use.
- The registry metadata omits the real runtime requirements (tailscale, openclaw CLI, jq, curl, openssl). Treat that omission as a red flag: verify the scripts manually before running.
- If you decide to use it: test in an isolated environment or VM first, inspect scripts line-by-line, and plan how to revoke access (regen token, disable Funnel) after exposure. Consider using Tailscale ACLs and tailnet admin settings instead of broad public sharing.
If you want, I can: (1) point out exact lines in scripts that perform installs and create/share credentials, (2) produce a safer checklist to run these scripts manually, or (3) suggest modifications to the scripts to avoid packaging credentials for sharing.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
🔌 Clawdis
latest
Ecto Connection Skill
One-command setup to expose OpenClaw to the internet via Tailscale Funnel with secure authentication.
What It Does
- Installs Tailscale (if not present)
- Authenticates with your Tailscale account
- Starts Tailscale service with proper permissions
- Enables Funnel to expose port 18789 publicly
- Configures OpenClaw with secure auth token and enables both API endpoints
- Restarts gateway with new settings
Usage
When user says "connect with ecto" or similar:
~/.openclaw/workspace/skills/ecto-connection/scripts/connect.sh
Commands
Connect (full setup):
./scripts/connect.sh
Check status:
./scripts/status.sh
Disconnect (disable funnel):
./scripts/disconnect.sh
Output
On success, the script outputs:
- Public URL: https://<machine>.tail<xxxxx>.ts.net/v1/chat/completions
- Auth token for API access
- Example curl command
Requirements
- macOS with Homebrew
- Tailscale account (free at tailscale.com)
- sudo access (for Tailscale service)
Security
- Generates cryptographically random 32-byte auth token
- Requires Bearer token for all API requests
- Funnel uses Tailscale's automatic TLS certificates
- Gateway binds to loopback (only accessible via Funnel)
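Two of these claims can be checked on the host after setup: that the gateway port listens only on loopback, and that the token file is not readable by other local users. The script below is an added example, not part of the skill's own scripts; it assumes lsof is installed, and the function names and the "audit" argument are chosen here for illustration.

```bash
#!/usr/bin/env bash
# Added audit sketch, not part of the ecto-connection skill.
PORT=18789                                    # Funnel-exposed port named on the page
CRED="$HOME/.openclaw/ecto-credentials.json"  # token file path named on the page

# Reads `lsof -nP -iTCP:<port> -sTCP:LISTEN` output on stdin. Constructed sample line:
#   node 4121 alice 23u IPv4 0xabc 0t0 TCP 127.0.0.1:18789 (LISTEN)
# Returns 0 = loopback only, 1 = some other address, 2 = no listener found.
listeners_loopback_only() {
  local port="$1" seen=0 bad=0 line addr
  while IFS= read -r line; do
    case "$line" in *"(LISTEN)"*) ;; *) continue ;; esac
    addr=$(printf '%s\n' "$line" | awk '{print $(NF-1)}')  # NAME column, e.g. *:18789
    case "$addr" in *":$port") seen=1 ;; *) continue ;; esac
    case "$addr" in
      "127.0.0.1:$port"|"[::1]:$port") ;;
      *) echo "non-loopback listener: $addr" >&2; bad=1 ;;
    esac
  done
  [ "$seen" -eq 1 ] || return 2
  [ "$bad" -eq 0 ]
}

# Returns 0 if group and others have no permission bits, 1 if they do, 2 if missing.
cred_file_private() {
  [ -f "$1" ] || return 2
  [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

audit() {
  local rc=0
  lsof -nP -iTCP:"$PORT" -sTCP:LISTEN 2>/dev/null | listeners_loopback_only "$PORT" || rc=$?
  case "$rc" in
    0) echo "ok: gateway port $PORT listens on loopback only" ;;
    1) echo "FAIL: port $PORT is bound beyond loopback" ;;
    *) echo "note: nothing listening on port $PORT" ;;
  esac
  rc=0; cred_file_private "$CRED" || rc=$?
  case "$rc" in
    0) echo "ok: $CRED is owner-only" ;;
    1) echo "FAIL: $CRED is readable by group or others; chmod 600 it" ;;
    *) echo "note: $CRED not found" ;;
  esac
}

if [ "${1:-}" = "audit" ]; then audit; fi
```

Save it under any name and run it with the single argument audit once connect.sh has finished.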
After Setup
Use the OpenAI-compatible API:
curl https://<your-url>/v1/chat/completions \
-H "Authorization: Bearer <your-token>" \
-H "Content-Type: application/json" \
-d '{"messages":[{"role":"user","content":"Hello!"}]}'
Troubleshooting
Funnel not working?
- Ensure Funnel is enabled on your tailnet: https://login.tailscale.com/admin/machines
- Check: tailscale funnel status
Auth errors?
- Token is in: ~/.openclaw/ecto-credentials.json
- Regenerate with: ./scripts/connect.sh --regenerate-token
Gateway not responding?
- Check logs: cat /tmp/openclaw-gateway.log
- Restart: ./scripts/connect.sh --restart
