Establish a secure, verified path when access is blocked by geo/IP policy, then resume the blocked workflow safely and audibly.

Primary outcomes:

• detect and classify block behavior,
• switch to a valid tunnel path with explicit user consent,
• verify public IP, region, and DNS safety posture,
• re-run blocked task with bounded retries,
• return an auditable connection report.

This is an orchestration skill. It does not guarantee legal access to restricted services.

# Required Installed Skills

Core diagnostics/orchestration:

• shell-scripting (inspected latest: 1.0.0)
• curl-http (inspected latest: 1.0.0)

Tunnel path options (at least one):

• provider CLI path (NordVPN / Mullvad / ExpressVPN) via shell orchestration
• wireguard (inspected latest: 1.0.0)
• tailscale (inspected latest: 1.0.0)

Safety and verification extensions:

• dns (inspected latest: 1.0.0)
• ipinfo (inspected latest: 1.0.0)
• moltguard (inspected latest: 6.0.2, optional but recommended)

Install/update:

npx -y clawhub@latest install shell-scripting
npx -y clawhub@latest install curl-http
npx -y clawhub@latest install wireguard
npx -y clawhub@latest install tailscale
npx -y clawhub@latest install dns
npx -y clawhub@latest install ipinfo
npx -y clawhub@latest install moltguard
npx -y clawhub@latest update --all

Verify:

npx -y clawhub@latest list

# Required Credentials and Access

Required access:

• valid account/session for selected tunnel path
• local executable for selected path (nordvpn/mullvad/expressvpn or wg or tailscale)

Optional keys:

• MOLTGUARD_API_KEY (if MoltGuard remote detection mode is enabled)
• IPINFO_TOKEN (optional, higher quota geolocation verification)

Preflight:

command -v nordvpn || command -v mullvad || command -v expressvpn || command -v wg || command -v tailscale
echo "$MOLTGUARD_API_KEY" | wc -c
echo "$IPINFO_TOKEN" | wc -c

Mandatory behavior:

• Never fail silently on missing keys/auth.
• Always return MissingAPIKeys and/or MissingCredentials with blocked stages.
• Continue with non-blocked diagnostics and mark output as Partial when needed.

# Compliance Gate (Mandatory)

Before any tunnel switch, confirm and record:

• user authorization to modify network routing,
• acknowledgment of legal/terms responsibility,
• stated purpose for geo-switch (testing, parity checks, privacy hardening).

If acknowledgment is missing:

• do not execute switching commands,
• return diagnostics-only output.

# Inputs the LM Must Collect First

• blocked_url or blocked_endpoint
• blocked_task_name (example: prediction-market-arbitrage)
• target_region
• tunnel_path (provider-cli, wireguard, tailscale-exit-node)
• provider_or_profile (provider name, WG profile, or exit-node name)
• risk_mode (diagnose-only, switch-and-verify, switch-and-resume)
• kill_switch_required (yes/no)
• max_retries (default: 2)

Do not execute switching before tunnel path and target region are explicit.

# Tool Responsibilities

shell-scripting

Use as control plane:

• executable detection,
• connect/disconnect wrappers,
• retry and cleanup logic,
• deterministic logging.

curl-http

Use for protocol-level evidence:

• baseline and post-switch HTTP checks,
• 403/geo-block signature capture,
• header and status comparisons.

wireguard

Use when deterministic profile-based tunnels are required:

• controlled profile activation,
• route and AllowedIPs sanity expectations,
• DNS handling awareness in tunnel config.

tailscale

Use for tailnet and exit-node path:

• tailscale up --exit-node=,
• connectivity validation via tailscale ping/status,
• fast fallback among available exit nodes.

dns

Use for DNS leak and propagation sanity guidance:

• resolver checks,
• authoritative vs cached record reasoning,
• explicit leak-risk interpretation when DNS path remains local.

ipinfo

Use for geo-attestation:

• validate post-switch country/region/ASN,
• compare with baseline,
• provide confidence level for geo-alignment.

moltguard

Use as prompt/tool security guardrail:

• sanitize sensitive prompt/tool content,
• detect prompt-injection patterns in fetched content,
• reduce accidental secret leakage in workflow logs.

Important limitation:

• MoltGuard is not a VPN manager and not a full network leak detector.

# Canonical Causal Signal Chain

• Block Detection
• baseline request to blocked endpoint,
• classify as geo_block, ip_block, auth_block, or other_http_error.

• Baseline Snapshot
• capture pre-switch public IP, country, and resolver context.

• Tunnel Path Selection
• choose one path:

- provider CLI, - WireGuard profile, - Tailscale exit node.

• verify binary/auth/profile availability before connect.

• Tunnel Activation
• connect selected path,
• confirm session state from tool output,
• enforce kill-switch preference if available.

• Geo and IP Verification
• compare pre/post public IP,
• verify target country best-effort (ipinfo.io + optional token),
• record confidence if country mismatches.

• DNS Safety Check
• check resolver behavior and detect obvious DNS bypass patterns,
• flag risk if DNS appears untunneled in full-tunnel expectation.

• Access Retest
• retry blocked endpoint,
• compare HTTP status/content signatures against baseline.

• Task Resumption
• if retest passes, resume blocked workflow automatically (switch-and-resume mode),
• otherwise rotate endpoint/profile once within retry budget and stop with evidence.

Suggested verification commands:

curl -s ifconfig.me
curl -s https://ipinfo.io/json
curl -I "${BLOCKED_URL}"

# Leak and Safety Checks

Minimum checks before success:

• public IP changed,
• target country aligned (or deviation explicitly explained),
• endpoint moved from blocked to reachable/expected-auth state,
• DNS path does not contradict tunnel expectations,
• no unresolved high-risk MoltGuard warning (if enabled).

If kill-switch is required but not supported/verified:

• return Needs Review and avoid high-risk task resumption.

# Output Contract

Always return:

• BlockDiagnosis

- block type - baseline HTTP evidence

• TunnelPath

- selected path and rationale - provider/profile/exit node

• TunnelStatus

- connect state - pre/post IP - target region match

• DNSSafety

- resolver observation - leak risk assessment (low|medium|high)

• SecurityStatus

- MoltGuard mode (enabled, gateway-only, disabled) - unresolved warnings

• AccessRetest

- post-switch result - improvement vs baseline

• TaskResumption

- resumed or blocked - reason

• NextActions

- exact commands or account steps for unresolved blockers

# Quality Gates

Before final output, verify:

• diagnosis is evidence-based,
• pre/post network evidence is present,
• retry count respected,
• missing credentials/keys clearly disclosed,
• provider/path limitations explicitly stated.

If any gate fails, return Needs Revision with concrete missing checks.

# Failure Handling

• Missing tunnel binary/profile: return MissingCredentials with concrete install/profile steps.
• Missing VPN account/auth session: return MissingCredentials, skip switching stage.
• Missing MOLTGUARD_API_KEY in detection mode: return MissingAPIKeys, continue with gateway-only or disabled mode.
• Tunnel connected but geo mismatch persists: one bounded retry with different endpoint/profile, then stop.
• Endpoint still blocked after retry: return full evidence bundle and manual-decision path.

# Guardrails

• Never claim legal or terms compliance on behalf of user.
• Never claim secure state without pre/post verification.
• Never unbounded-loop region hopping.
• Never hide ambiguous or failed access states.

npx -y clawhub@latest install shell-scripting
npx -y clawhub@latest install curl-http
npx -y clawhub@latest install wireguard
npx -y clawhub@latest install tailscale
npx -y clawhub@latest install dns
npx -y clawhub@latest install ipinfo
npx -y clawhub@latest install moltguard
npx -y clawhub@latest update --all

npx -y clawhub@latest list

command -v nordvpn || command -v mullvad || command -v expressvpn || command -v wg || command -v tailscale
echo "$MOLTGUARD_API_KEY" | wc -c
echo "$IPINFO_TOKEN" | wc -c

curl -s ifconfig.me
curl -s https://ipinfo.io/json
curl -I "${BLOCKED_URL}"