AWF — Agentic Workflow Firewall

Name: AWF — Agentic Workflow Firewall
Author: github

Run commands and agent workflows with application-layer domain whitelisting and container-level network isolation (AWF) for safer automated runs.

triggers:awfagentic firewallegress controldomain whitelistingsandboxrun with firewall

GitHub SKILL.md

What it does

AWF (Agentic Workflow Firewall) provides an easy CLI for running commands and agent workloads inside a controlled network environment. It enforces L7 domain allowlists, optional SSL-bump inspection, host-level enforcement (iptables/Docker), and modes for chroot/host-binary access while preventing unwanted external egress.

When to use it

Use AWF when you need to run untrusted or networked agent tasks safely, test code that makes external requests with strict allowlists, or integrate firewalled steps into CI (GitHub Actions, local tests). It's valuable for security-conscious automation, Playwright/localhost testing with limited egress, and running Copilot/agent CLIs in a sandbox.

What's included

Scripts: installation and helper CLI examples are provided in the README and skill body (has_scripts=false in the fetch but many CLI examples are included)
References: usage examples, debugging commands, log analysis, and GitHub Actions snippets included inline
Instructions: quick-start examples showing how to allow domains, test blocking, enable debug logs, keep containers for inspection, and common troubleshooting steps.

Compatible agents

Ideal for infra and CI-focused agents (Copilot CLI, GitHub Actions runners, Claude Code) and any automation that needs controlled network access. Requires sudo/docker privileges for full functionality.

Not yet audited

This skill has not been reviewed by our automated audit pipeline yet.

Information

Repository: gh-aw-firewall
Stars: 93
Installs: 0

Related Skills

TradeOS

Natural-language driven CEX trading and portfolio management for agents: API key vaulting, multi-exchange orders, DCA, arbitrage scanning, alerts and security r

Spring Boot Migration

Guided, phased migration for existing Spring Boot apps to Boot 4 / Java 25 (including Modulith 2 and Testcontainers 2), with scanners and reference guides.

Java 25 & Spring Boot 4 Code Reviewer

Run focused, evidence-based code reviews for Java 25 and Spring Boot 4 projects — migration risks, architecture boundaries, null-safety (JSpecify), security, an

ArcKit — French Public Procurement (fr-marche-public)

Generates French public procurement (Dossier de Consultation des Entreprises) drafts aligned with the Code de la Commande Publique, UGAP frameworks, and DINUM d

ArcKit Architecture Conformance

Run a systematic architecture conformance assessment that compares ADRs and principles against HLD/DLD artifacts to surface drift, violations, and technical deb

Speak Security Basics

Security best practices for integrating Speak: API key management, audio data privacy, student data protection, and COPPA/FERPA compliance for production deploy

Replit — Advanced Troubleshooting

Step-by-step diagnostics and debugging techniques for deep Replit issues: Nix build failures, container crash loops, memory leaks, and platform vs app isolation

Vercel Common Errors

Diagnose and fix common Vercel build, serverless runtime, and edge/routing errors with step-by-step checks and fixes.

Back to Skills

AWF — Agentic Workflow Firewall

from gh-aw-firewall93

Run commands and agent workflows with application-layer domain whitelisting and container-level network isolation (AWF) for safer automated runs.

triggers:awfagentic firewallegress controldomain whitelistingsandboxrun with firewall

GitHub SKILL.md

What it does

When to use it

What's included

Scripts: installation and helper CLI examples are provided in the README and skill body (has_scripts=false in the fetch but many CLI examples are included)
References: usage examples, debugging commands, log analysis, and GitHub Actions snippets included inline
Instructions: quick-start examples showing how to allow domains, test blocking, enable debug logs, keep containers for inspection, and common troubleshooting steps.

Compatible agents

Not yet audited

This skill has not been reviewed by our automated audit pipeline yet.

Information

Repository: gh-aw-firewall
Stars: 93
Installs: 0

Related Skills

TradeOS

Natural-language driven CEX trading and portfolio management for agents: API key vaulting, multi-exchange orders, DCA, arbitrage scanning, alerts and security r

Spring Boot Migration

Guided, phased migration for existing Spring Boot apps to Boot 4 / Java 25 (including Modulith 2 and Testcontainers 2), with scanners and reference guides.

Java 25 & Spring Boot 4 Code Reviewer

Run focused, evidence-based code reviews for Java 25 and Spring Boot 4 projects — migration risks, architecture boundaries, null-safety (JSpecify), security, an

ArcKit — French Public Procurement (fr-marche-public)

Generates French public procurement (Dossier de Consultation des Entreprises) drafts aligned with the Code de la Commande Publique, UGAP frameworks, and DINUM d

ArcKit Architecture Conformance

Run a systematic architecture conformance assessment that compares ADRs and principles against HLD/DLD artifacts to surface drift, violations, and technical deb

Speak Security Basics

Security best practices for integrating Speak: API key management, audio data privacy, student data protection, and COPPA/FERPA compliance for production deploy

Replit — Advanced Troubleshooting

Step-by-step diagnostics and debugging techniques for deep Replit issues: Nix build failures, container crash loops, memory leaks, and platform vs app isolation

Vercel Common Errors

Diagnose and fix common Vercel build, serverless runtime, and edge/routing errors with step-by-step checks and fixes.

AWF — Agentic Workflow Firewall

What it does

When to use it

What's included

Compatible agents

Tags

Not yet audited

Information

Related Skills

AWF — Agentic Workflow Firewall

What it does

When to use it

What's included

Compatible agents

Tags

Not yet audited

Information

Related Skills