Corveil Dev
Corveil is an organizational intelligence platform. It captures AI activity from coding sessions, meetings, and chatbots — then produces insights, recommendations, user profiles, and knowledge graphs. Under the hood it acts as a zero-trust AI gateway: proxying LLM requests with authentication, spend tracking, guardrails, and plugin support.
This skill starts Corveil in dev mode and connects OpenClaw or Claude Code to route AI requests through it locally. All requests are fully logged, tracked, and subject to guardrails as they flow through Corveil.
What You'll Need
- - Corveil binary — installed via GitHub Releases or the install script (see below)
- An upstream provider API key — OpenRouter (
sk-or-v1-...) for multi-model access, or Anthropic (sk-ant-...) for direct Anthropic access. Use a dev/test key, not production credentials - OpenClaw (optional) — only needed for passthrough routing; Claude Code can connect directly
A Corveil dev API key (sk-citadel-...) is created automatically via the API in Step 2 below — no manual setup required.
When to Run
- - Setting up a local Corveil development environment
- Testing Corveil passthrough or direct mode with Claude Code
- Developing or testing Corveil plugins, guardrails, or spend tracking
- Demoing Corveil locally
Workflow
1. Install Corveil
Option A: GitHub Releases (recommended)
Download a signed binary from GitHub Releases. Binaries are available for macOS, Linux, and Windows (ARM64 and AMD64). Verify the download with the published checksums.
CODEBLOCK0
Option B: Install script
CODEBLOCK1
2. Start Corveil and Create an API Key
CODEBLOCK2
Corveil starts on localhost:8000 (bound to localhost only — not exposed to the network) with:
- - Ephemeral SQLite database (zero config, local-only)
- Dev login enabled (no SSO/JWT setup)
- Dashboard at http://localhost:8000
Then create an API key via the API — no need to open the dashboard:
CODEBLOCK3
3a. Connect OpenClaw (Passthrough Mode)
Passthrough routes your own Anthropic credentials through Corveil for tracking and guardrails, while your API key authenticates directly with Anthropic.
CODEBLOCK4
Costs are set to 0 because Corveil tracks spend on its side.
Your existing Anthropic API key (configured in OpenClaw) flows through to Anthropic. The x-citadel-api-key header authenticates with Corveil for logging, guardrails, and spend tracking.
3b. Connect Claude Code Directly (No OpenClaw)
Direct Mode
Corveil uses its own provider credentials to fulfill requests:
CODEBLOCK5
Or in .claude/settings.json:
CODEBLOCK6
Passthrough Mode
Your own Anthropic credentials flow through to Anthropic:
CODEBLOCK7
Or in .claude/settings.json:
CODEBLOCK8
4. Verify the Connection
CODEBLOCK9
Then send any request through Claude Code or OpenClaw. If it responds, requests are flowing through Corveil. Confirm in the dashboard at http://localhost:8000.
Security Notes
- - Localhost only: Dev mode binds to
localhost:8000 — not exposed to the network. Only local processes can reach it. - Ephemeral database: Dev mode uses SQLite stored locally. API keys and logs exist only on your machine and are disposable.
- Passthrough transparency: In passthrough mode, your provider API key flows through the local proxy and is forwarded directly to the upstream provider. Corveil does not store your provider credentials — they are only held in memory for the duration of the request.
- Use dev/test keys: Use non-production API keys for your upstream provider (OpenRouter, Anthropic). Rotate them after testing if needed.
- Install verification: Download from GitHub Releases with published checksums. Run
corveil --version to verify.
Important Rules
Passthrough Requires the x-citadel-api-key Header
Only Claude Code (via
ANTHROPIC_CUSTOM_HEADERS) and OpenClaw (via
headers config) support custom headers for passthrough mode. Other tools (Cursor, aichat, Codex CLI) only support direct mode.
Costs Should Be Zero in OpenClaw Config
When routing through Corveil, set model costs to
0 in OpenClaw since Corveil handles spend tracking.
All Requests Are Logged
Every request flowing through Corveil is logged with full request/response capture, spend tracking, and guardrail enforcement — regardless of direct or passthrough mode.
Reference
- - Full client setup guides: https://corveil.com/docs
- GitHub Releases: https://github.com/radiusmethod/corveil-releases/releases
- Compatibility matrix: Claude Code and OpenClaw support passthrough; aichat, Cursor, OpenCode, Codex CLI, and Gemini CLI support direct mode only
Corveil Dev
Corveil是一个组织智能平台。它能捕获来自编码会话、会议和聊天机器人的AI活动,然后生成洞察、建议、用户画像和知识图谱。在底层,它充当零信任AI网关:通过身份验证、支出追踪、护栏和插件支持来代理LLM请求。
该技能以开发模式启动Corveil,并连接OpenClaw或Claude Code,通过本地路由AI请求。所有请求在流经Corveil时都会被完整记录、追踪并受护栏约束。
你需要准备
- - Corveil二进制文件 — 通过GitHub Releases或安装脚本安装(见下文)
- 上游提供商API密钥 — OpenRouter(sk-or-v1-...)用于多模型访问,或Anthropic(sk-ant-...)用于直接访问Anthropic。请使用开发/测试密钥,而非生产凭证
- OpenClaw(可选)— 仅在直通路由时需要;Claude Code可直接连接
Corveil开发API密钥(sk-citadel-...)将通过下面第2步中的API自动创建 — 无需手动设置。
何时运行
- - 设置本地Corveil开发环境
- 使用Claude Code测试Corveil直通或直接模式
- 开发或测试Corveil插件、护栏或支出追踪
- 本地演示Corveil
工作流程
1. 安装Corveil
选项A:GitHub Releases(推荐)
从GitHub Releases下载已签名二进制文件。提供macOS、Linux和Windows(ARM64和AMD64)版本。使用发布的校验和验证下载。
bash
示例:macOS ARM64(Apple Silicon)
curl -LO https://github.com/radiusmethod/corveil-releases/releases/latest/download/corveil-darwin-arm64
chmod +x corveil-darwin-arm64
mv corveil-darwin-arm64 /usr/local/bin/corveil
corveil --version # 验证已安装的二进制文件
选项B:安装脚本
bash
运行前检查脚本内容:
curl -sSL https://corveil.com/install.sh -o install.sh
less install.sh # 查看内容
sh install.sh
2. 启动Corveil并创建API密钥
bash
使用提供商密钥以开发模式启动:
corveil --dev --openrouter-api-key sk-or-v1-...
或直接使用Anthropic:
corveil --dev --anthropic-api-key sk-ant-...
Corveil在localhost:8000上启动(仅绑定到本地主机 — 不暴露到网络),包含:
- - 临时SQLite数据库(零配置,仅本地)
- 启用开发登录(无需SSO/JWT设置)
- 仪表板位于 http://localhost:8000
然后通过API创建API密钥 — 无需打开仪表板:
bash
以开发用户身份登录(存储会话cookie)
curl -s -c /tmp/corveil-cookies -X POST http://localhost:8000/auth/dev-login
创建API密钥并提取明文密钥
CORVEIL_KEY=$(curl -s -b /tmp/corveil-cookies -X POST http://localhost:8000/api/keys \
-H Content-Type: application/json \
-d {name:dev-key} | jq -r .key)
echo 你的Corveil API密钥:$CORVEIL_KEY
3a. 连接OpenClaw(直通模式)
直通模式通过Corveil路由你自己的Anthropic凭证,用于追踪和护栏,同时你的API密钥直接与Anthropic进行身份验证。
bash
openclaw config set models.providers.anthropic {
baseUrl: http://localhost:8000,
api: anthropic-messages,
headers: {
x-citadel-api-key: $CORVEIL_KEY
},
models: [
{
id: claude-sonnet-4-6,
name: Claude Sonnet 4.6,
reasoning: true,
input: [text, image],
cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
contextWindow: 200000,
maxTokens: 16384
}
]
}
成本设置为0,因为Corveil在其端追踪支出。
你现有的Anthropic API密钥(在OpenClaw中配置)会流向Anthropic。x-citadel-api-key标头用于与Corveil进行身份验证,以实现日志记录、护栏和支出追踪。
3b. 直接连接Claude Code(无需OpenClaw)
直接模式
Corveil使用自己的提供商凭证来满足请求:
bash
export ANTHROPICBASEURL=http://localhost:8000
export ANTHROPICAPIKEY=$CORVEIL_KEY
或在.claude/settings.json中:
json
{
env: {
ANTHROPICBASEURL: http://localhost:8000,
ANTHROPICAPIKEY: <你的corveil密钥>
}
}
直通模式
你自己的Anthropic凭证会流向Anthropic:
bash
export ANTHROPICBASEURL=http://localhost:8000
export ANTHROPICCUSTOMHEADERS=x-citadel-api-key: $CORVEIL_KEY
或在.claude/settings.json中:
json
{
env: {
ANTHROPICBASEURL: http://localhost:8000,
ANTHROPICCUSTOMHEADERS: x-citadel-api-key: <你的corveil密钥>
}
}
4. 验证连接
bash
检查Corveil是否在运行
curl http://localhost:8000/health
检查最近的日志
corveil logs --tail 5
然后通过Claude Code或OpenClaw发送任何请求。如果有响应,说明请求正在流经Corveil。在 http://localhost:8000 的仪表板中确认。
安全说明
- - 仅限本地主机:开发模式绑定到localhost:8000 — 不暴露到网络。只有本地进程可以访问。
- 临时数据库:开发模式使用本地存储的SQLite。API密钥和日志仅存在于你的机器上,且可丢弃。
- 直通透明性:在直通模式下,你的提供商API密钥流经本地代理,并直接转发到上游提供商。Corveil不会存储你的提供商凭证 — 它们仅在请求期间保存在内存中。
- 使用开发/测试密钥:为你的上游提供商(OpenRouter、Anthropic)使用非生产API密钥。如有需要,测试后轮换它们。
- 安装验证:从GitHub Releases下载,并验证发布的校验和。运行corveil --version进行验证。
重要规则
直通模式需要x-citadel-api-key标头
只有Claude Code(通过ANTHROPIC
CUSTOMHEADERS)和OpenClaw(通过headers配置)支持直通模式的自定义标头。其他工具(Cursor、aichat、Codex CLI)仅支持直接模式。
OpenClaw配置中的成本应为零
当通过Corveil路由时,在OpenClaw中将模型成本设置为0,因为Corveil处理支出追踪。
所有请求都会被记录
流经Corveil的每个请求都会被完整记录请求/响应捕获、支出追踪和护栏执行 — 无论直接模式还是直通模式。
参考
- - 完整客户端设置指南:https://corveil.com/docs
- GitHub Releases:https://github.com/radiusmethod/corveil-releases/releases
- 兼容性矩阵:Claude Code和OpenClaw支持直通模式;aichat、Cursor、OpenCode、Codex CLI和Gemini CLI仅支持直接模式
