vpc-air-gapped

Enables secure deployment of Rivet in air-gapped networks with single-binary or Docker Compose installations, ensuring no outbound telemetry.

Install this skill

91/100

Security score

The vpc-air-gapped skill was audited on Jun 24, 2026 and we found 5 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 218

Webhook reference - potential data exfiltration

SourceSKILL.md

218	- [Webhooks](reference/agent-os/webhooks.md)

low line 76

External URL reference

SourceSKILL.md

76	RIVET_ENDPOINT: "http://default:admin@rivet-engine:6420"

low line 85

External URL reference

SourceSKILL.md

85	`RIVET_ENDPOINT` uses the format `http://namespace:token@host:port` and tells your app to connect to the engine as a runner instead of running standalone. After both services start, register your runn

low line 89

External URL reference

SourceSKILL.md

89	The engine exports traces and metrics only when you opt in with OpenTelemetry. Export is disabled unless `RIVET_OTEL_ENABLED=1` is set, and the export target defaults to a local collector at `http://l

low line 104

External URL reference

SourceSKILL.md

104	- One namespace per install. The endpoint URL carries the namespace and token (`http://namespace:token@host:port`), so a single image works across customer deployments. See [Endpoints](/docs/gener

Scanned on Jun 24, 2026

View Security Dashboard

Installation guide →

GitHub Stars 17

Rate this skill

Categorydevops

UpdatedJune 24, 2026

openclaw backend devops docker

rivet-dev/skills