Install
openclaw skills install @workloftai/sluiceAn outbound egress guard for agents — scan any message (email, social draft, Telegram reply, a write to a public site) for leaked secrets and private identifiers before it goes out, and either refuse it or redact them in place. Pure standard library, precision-tuned to not cry wolf.
openclaw skills install @workloftai/sluiceAgents touch live credentials all day: API keys in .env, bot tokens in systemd
units, JWTs from Supabase. One careless paste into outbound copy and a key is on
the public internet forever. sluice is the gate between the machine's insides
and the outside world: every outbound message passes through it first. Pure
Python standard library — no network, no model call, no dependencies.
The executable is {baseDir}/bin/sluice.
Put sluice in front of anything an agent sends or publishes — an email, a
social post, a Telegram reply, a commit to a public site. Use scan as a
pre-send gate (blocks on a breach) or redact to scrub in a pipe.
# gate a draft — only proceeds if clean (scan exits non-zero on a breach)
{baseDir}/bin/sluice scan draft.md && ./send-it draft.md
# scrub a file and keep going
{baseDir}/bin/sluice redact draft.md > safe.md
# sits in a pipe
generate-post | {baseDir}/bin/sluice redact | queue-to-typefully
# machine-readable, control the block threshold
{baseDir}/bin/sluice scan --json --fail-on high draft.md
scan prints findings to stderr and exits non-zero at or above --fail-on
(default high). redact writes cleaned text to stdout. Previews never echo
the full secret — glpa…z9 (26 chars), never the value.
key = <high-entropy value> assignments (entropy-gated so prose
doesn't trip it), private infrastructure paths.{baseDir}/bin/sluice — never hardcode a path.key=value rule carries a Shannon-entropy gate.Detector to sluice/detectors.py.