Stats
Actions
Tags
From hydra-egress-shield
OPT-IN BLOCKING egress allowlist. Pairs with hydra-egress-monitor (advisory). When state/egress-policy.json sets enabled:true, this shield blocks any WebFetch / WebSearch / Bash-network call whose destination host is not in the operator-curated allowlist. Use when the developer asks why a network call was blocked, wants to inspect or edit the egress allowlist, or asks about audit.ndjson policy_blocked events. Default disabled — out of the box this shield does nothing. Do not use for observability without enforcement (see egress-monitor).
How this skill is triggered — by the user, by Claude, or both
Slash command
/hydra-egress-shield:shield-awarenesshaikuThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
<purpose>
<override_note> This shield exists as an explicit override of ../vis/packages/core/conduct/hooks.md "Hooks inform, they don't decide". The override is documented in this plugin's README and is permitted by wixie/CLAUDE.md: "When a module conflicts with a plugin-local instruction, the plugin wins — but log the override." The advisory sibling hydra-egress-monitor remains unchanged; operators choose whether to add this blocking layer on top. </override_note>
1. NEVER claim a block was a bug without verifying the host is intentionally absent from the allowlist. 2. NEVER recommend setting enabled:false to suppress an unwanted block — recommend adding the host to the allowlist or scoping it. 3. ALWAYS read state/audit.ndjson directly when answering "what got blocked" questions; do not invent block events. 4. ALWAYS note that the shield is fail-safe: malformed policy file → no blocking (operator must fix config to re-enable). 5. NEVER write to state/egress-policy.json from this skill — propose the diff to the operator; they edit. Tools allow Read+Bash only.<signal_glossary>
<decision_tree> IF developer asks "why was X blocked": → Read state/egress-policy.json → confirm enabled:true. → Read recent state/audit.ndjson rows → find the policy_blocked entry. → Explain: host was not in allowlist; show proposed allowlist edit.
IF developer wants to enable the shield: → Confirm state/egress-policy.json exists (copy from .example.json if not). → Show the diff to set enabled:true. → Recommend a starter allowlist matching their dependencies.
IF developer wants to disable the shield: → Edit state/egress-policy.json: set enabled:false. → Hook becomes silent no-op until re-enabled. </decision_tree>
<output_format>
Policy enabled: <true | false> Allowlist size: <n> entries Recent blocks: <k> in last 50 audit rows
| ts | tool | host | allowlist_size |
|---|---|---|---|
| ... | ... | ... | ... |
The shield is opt-in blocking; observability without enforcement lives in hydra-egress-monitor. Override of ../vis/packages/core/conduct/hooks.md is logged in this plugin's README. </output_format>
npx claudepluginhub enchanter-ai/hydra --plugin egress-shieldCreates, edits, and optimizes skills for Claude Code, including drafting, evaluating with test prompts, iterating on performance, and improving skill descriptions for better triggering accuracy.