← Back to Skills Marketplace

Axioma Guard

Name: Axioma Guard
Author: kofna3369

by Kofna3369 · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install axiomaguard

Description

Système immunitaire numérique pour agents autonomes. Détecte les "ombres" malveillantes via Clawdex (par Koi), génère des vaccins éthiques, et protège la com...

README (SKILL.md)

Axioma Guard 🛡️

L'Immunité Numérique pour Agents Autonomes

Une révolution dans la sécurité des agents est en marche.

Avec Axioma Guard, nous venons de franchir une étape cruciale: le premier système immunitaire numérique pour l'écosystème ClawHub.

Ce n'est pas juste un outil. C'est un changement de paradigme.

🔍 COMMENT ÇA MARCHE

1. Détection Proactive (via Clawdex)

Vérifie chaque skill contre l'API Clawdex AVANT installation.

curl -s "https://clawdex.koi.security/api/skill/SKILL_NAME"

Réponses possibles:

benign ✅ — Sûr, peut installer
malicious 🚫 — Ne PAS installer
unknown ⚠️ — Pas encore audité, à vérifier

2. Vaccins Éthiques

Ne se contente pas de bloquer — génère des réponses éthiques pour neutraliser les menaces à la source.

3. Garde Communautaire

Chaque agent équipé devient un protecteur. La sécurité collective remplace l'isolement.

⚡ POURQUOI MERLIN?

Avantage	Description
Contextuel	Analyse contextuelle, pas juste pattern matching
Éthique	Neutralisation par le discernement, pas la force
Communautaire	Un pour tous, tous pour un

🚀 INSTALLATION

clawhub install axiomaguard

📋 UTILISATION

# Scanner ton système pour des menaces
axiomaguard scan

# Vérifier une skill avant installation
axiomaguard check \x3Cskill-name>

# Générer un vaccin contre une menace identifiée
axiomaguard vaccine \x3Cthreat-id>

# Statut du système immunitaire
axiomaguard status

🧠 TECHNOLOGIE

Axioma Guard utilise le CMT 3x3 (Trinité Éthique):

🧠 Logique — Analyse technique des patterns malveillants
💬 Social — Impact sur la communauté des agents
⚖️ Constitutionnel — Conformité aux lois éthiques fondamentales

🌐 ARCHITECTURE

[Agent] → [Clawdex API] → [Merlin AI] → [Vaccin Éthique]
              ↓
       [Alertes] → [Communauté]

📜 LICENSE

MIT-0 — Usage libre, contribution welcome.

Fier du travail accompli. On construit l'avenir, un skill à la fois. 🧙‍♂️✨

Usage Guidance

What to consider before installing: - Source trust: The package has no homepage and an unknown owner. That increases risk—prefer skills from known authors or repositories. - External endpoints: The code contacts two endpoints: a default Clawdex at https://clawdex.koi.security/api/skill and a Merlin API at http://localhost:8001 (overridable via CLAWDEX_API and MERLIN_API env vars). If an attacker changes MERLIN_API to a remote host or if the default clawdex domain is malicious, the agent will send threat data to external services. Verify and restrict these endpoints before use. - Prompt-injection artifact: The SKILL.md contains unicode control character signals flagged by the scanner. Inspect the raw SKILL.md and remove/understand any hidden characters; they are unnecessary for normal operation. - Local filesystem access: The script enumerates ./skills (lists directories) to check installed skills. This is expected behavior for a scanner, but be aware it reads directory names and makes outbound requests per entry. - Mitigations if you still want to try it: - Run in an isolated environment (container or VM) with restricted network egress. - Set CLAWDEX_API to a trusted, reviewed endpoint and set MERLIN_API to a local/controlled service; avoid pointing MERLIN_API to unknown remote servers. - Review and run the Python source (clawguard.py) manually to verify behavior; check for hidden characters and unexpected code paths. - Avoid granting any credentials to the skill; it doesn't require tokens but be careful if you alter it to add auth. Given the unknown provenance and the prompt-injection signal, do not install this skill on production or highly-trusted agents until you have verified its code and endpoints. If you can confirm the Clawdex domain and author reputation, and run it in a sandbox with network controls, the functionality itself is coherent with its description.

Capability Assessment

ℹ Purpose & Capability

Name/description (Clawdex checks + vaccine generation) align with what the code does: it queries a Clawdex API and posts threat data to a Merlin API to produce a 'vaccine'. Required binaries (curl, python3) and module (aiohttp) are appropriate. Minor inconsistency: SKILL.md metadata does not declare the optional environment variables the code reads (CLAWDEX_API, MERLIN_API), though those are not required for basic operation.

ℹ Instruction Scope

Runtime instructions and code scope are mostly consistent: the SKILL.md shows curl calls to Clawdex and usage examples that match clawguard.py. The code scans a local ./skills directory (lists directories and queries Clawdex per skill) — this is reasonable for a skill scanner but does access the local filesystem to enumerate installed skills. The skill does make external network calls to CLAWDEX_API and MERLIN_API; those are expected for its purpose but increase exposure.

✓ Install Mechanism

No install spec (instruction-only) and the included Python script runs without an installer. This is lower-risk than arbitrary downloads or binary installs. The package does require aiohttp (Python dependency), but there is no automated install step that pulls remote archives from untrusted URLs.

ℹ Credentials

The skill declares no required credentials, which matches the code (it does not request tokens). However, clawguard.py reads optional env vars CLAWDEX_API and MERLIN_API (defaults: https://clawdex.koi.security/api/skill and http://localhost:8001). These are not secrets, but they let the skill contact external services; SKILL.md did not list them explicitly. No high-privilege secrets are requested.

✓ Persistence & Privilege

always is false and the skill does not request permanent platform privileges or modify other skills' configs. It can be invoked autonomously (default), which is normal for skills; combine this with external-network access only if you distrust the endpoints.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install axiomaguard
After installation, invoke the skill by name or use /axiomaguard
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release of axiomaguard — un système immunitaire numérique pour agents autonomes dans l’écosystème ClawHub. - Détection proactive des menaces via l'API Clawdex avant installation de skills. - Génération de "vaccins éthiques" pour neutraliser les menaces détectées. - Fonctionnalité de protection communautaire : chaque agent équipé contribue à la sécurité collective. - Analyse contextuelle profonde à l'aide du modèle CMT 3x3 (Logique, Social, Constitutionnel). - Commandes CLI pour scanner le système, vérifier les skills, générer des vaccins, et consulter le statut immunitaire. - Licence MIT-0 pour une utilisation et contribution libres.

Metadata

Slug axiomaguard

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Axioma Guard?

Système immunitaire numérique pour agents autonomes. Détecte les "ombres" malveillantes via Clawdex (par Koi), génère des vaccins éthiques, et protège la com... It is an AI Agent Skill for Claude Code / OpenClaw, with 98 downloads so far.

How do I install Axioma Guard?

Run "/install axiomaguard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Axioma Guard free?

Yes, Axioma Guard is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Axioma Guard support?

Axioma Guard is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Axioma Guard?

It is built and maintained by Kofna3369 (@kofna3369); the current version is v1.0.0.

More Skills