ClawHub

Zipsa

Local-first privacy gateway for LLM applications. Use when the user needs to process sensitive, private, or proprietary information (PII, health records, int...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 15 · 0 current installs · 0 all-time installs
bySulgi Kim@sulgik
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (local privacy gateway) align with the files and instructions: SKILL.md and README describe an OpenAI-compatible local gateway that reformulates queries and routes hybrid requests to cloud providers. The included relay script targets a local endpoint and is consistent with a local-first design.
Instruction Scope
SKILL.md limits actions to routing queries through a local gateway and preserving session_id for continuity. It does not instruct the agent to read arbitrary local files or other environment variables. Minor inconsistencies: SKILL.md shows example OPENAI_BASE_URL of http://localhost:8000/v1 while the provided relay script POSTs to http://localhost:8000/relay; also SKILL.md suggests using an OPENAI_API_KEY placeholder (zipsa-key) but the skill does not require or manage any real credentials.
Install Mechanism
No install spec is present (instruction-only plus a tiny helper script). Nothing is downloaded or written to disk by an automated installer in the package, which minimizes install-time risk.
Credentials
The skill does not request any environment variables or credentials, which is appropriate for an instruction-only gateway. However, SKILL.md examples reference OPENAI_BASE_URL and OPENAI_API_KEY placeholders — users should treat these as configuration examples for pointing a client at a trusted local Zipsa instance, not as required secrets to hand to the skill.
Persistence & Privilege
The skill does not request persistent/always-on privileges (always: false) and includes no code that modifies other skills or agent-wide settings. Autonomous invocation is allowed by platform default but is not combined with other red flags here.
Assessment
This skill appears coherent for running a trusted local gateway, but before installing or using it: (1) ensure you actually run a trusted Zipsa server locally (the skill assumes a local HTTP endpoint); (2) verify the real gateway's endpoint path (SKILL.md examples use /v1 but the helper script posts to /relay) and confirm it only listens on localhost; (3) do not place your cloud provider API keys into a skill you haven't audited—if you must provide external-provider keys, keep them on the local host and verify the gateway's code handles them safely; (4) review the gateway server implementation (not included here) to ensure it does not forward raw private data to remote hosts or phone-home to unexpected endpoints; and (5) if you lack a trusted local Zipsa process, do not point OPENAI_BASE_URL at a remote/untrusted address. If you want higher assurance, obtain and review the full gateway server source or run it in an isolated environment before connecting sensitive data.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.1.0
Download zip
latestvk9700gj1qyxfdfsebytg0we23h839bpf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Zipsa

Zipsa is a local-first privacy gateway that sits between OpenClaw and cloud LLMs. It ensures that raw private context never leaves the local environment while still allowing the use of powerful frontier models for reasoning.

When to Use

Trigger this skill whenever the user provides or asks to process:

  • PII: Names, SSNs, DOBs, contact info.
  • Healthcare Data: Patient records, clinical notes, symptoms.
  • Internal Business Context: Pricing floors, negotiation terms, churn warnings, project codenames.
  • Secrets: API keys, credentials, internal system details.

Core Workflow

Zipsa operates as an OpenAI-compatible gateway (default: http://localhost:8000/v1).

1. Identify Sensitive Context

When the user's request contains sensitive data, explain that Zipsa will be used to protect their privacy.

2. Route Through Zipsa

Instead of calling the standard cloud providers directly, use the Zipsa endpoint. Zipsa will:

  • Scan locally for high-risk markers.
  • Classify the query (Private, Hybrid, or Knowledge).
  • Reformulate (rewrite) the query to abstract identity and proprietary details.
  • Route the safe version to the cloud.
  • Synthesize the final answer back with the local details.

Integration Examples

Using with OpenClaw

OpenClaw can be configured to use Zipsa as its backend:

  • OPENAI_BASE_URL=http://localhost:8000/v1
  • OPENAI_API_KEY=zipsa-key
  • OPENAI_MODEL=zipsa

Multi-turn Sessions

For conversation continuity, always pass a session_id.

{
  "model": "zipsa",
  "messages": [...],
  "extra_body": { "session_id": "unique-session-id" }
}

Reference

For detailed configuration and advanced examples, see references/README.md.

Files

3 total
Select a file
Select a file to preview.

Comments

Loading comments…