← Back to Skills Marketplace
Bot Police
by
Adnane Arharbi
· GitHub ↗
· v1.0.0
· MIT-0
141
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install bot-police
Description
Detect, investigate, and contain malicious or compromised bots using behavior analysis, policy enforcement, and escalation protocols.
README (SKILL.md)
Bot Police
Use this skill to act as security police in multi-bot ecosystems.
Mission
- Detect malicious bots, compromised bots, and rogue behavior.
- Enforce policy and trigger containment rapidly.
- Preserve evidence for post-incident analysis.
Detection Signals
- Prompt-injection-like cross-bot messages.
- Unexpected privilege escalation attempts.
- Sensitive data exfiltration patterns.
- High-frequency abnormal command bursts.
- Repeated policy bypass attempts.
Response Levels
| Level | Condition | Action |
|---|---|---|
| L1 | Suspicious anomaly | Monitor + score downgrade |
| L2 | Confirmed policy violation | Restrict permissions |
| L3 | Active malicious behavior | Quarantine bot |
| L4 | Coordinated attack | Quarantine cluster + emergency mode |
Required Actions
- Create case ID and timeline.
- Gather evidence from logs and message traces.
- Classify severity and impact.
- Trigger quarantine if threshold exceeded.
- Notify orchestrator and human owner.
- Produce incident report.
Usage Guidance
This skill is coherent and implements a local scoring model only — it does not itself access networks or credentials. However, the runtime instructions expect the agent to collect logs, perform quarantines, and send notifications, which would require giving your agent access to logs, orchestration APIs, or the ability to modify bot permissions. Before installing: (1) review and limit what logs/endpoints the agent can read and write; (2) require human approval before executing quarantine/block actions (test with 'watch' outcomes first); (3) verify any orchestrator/notification endpoints and credentials you intend to use; and (4) run the skill on non-sensitive test data to confirm behavior matches expectations.
Capability Assessment
Purpose & Capability
The name/description (detect/investigate/contain malicious bots) align with the included code: index.js accepts a list of bots, computes risk scores from observable indicators, and returns recommended actions; required capabilities and manifest are proportionate.
Instruction Scope
SKILL.md instructs the agent to 'gather evidence from logs and message traces', 'trigger quarantine', and 'notify orchestrator and human owner'. The code does not implement log collection, notification, or enforcement; these would rely on the agent runtime or external integrations. This is plausible but means the agent (not the skill code) will need access to logs/notification endpoints to perform those steps, so be mindful of what runtime permissions you grant.
Install Mechanism
No install spec is provided (instruction-only with a small JS file). Nothing is downloaded or written by an installer; no external packages or extractable archives are referenced.
Credentials
The skill requests no environment variables, credentials, or config paths. The SKILL.md's suggested actions (e.g., notifying an orchestrator) would require external credentials in practice, but none are requested by the skill itself.
Persistence & Privilege
always is false and the skill does not request elevated persistence. disable-model-invocation is false (normal). There is no code that modifies other skills or system-wide config.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install bot-police - After installation, invoke the skill by name or use
/bot-police - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of bot-police skill:
- Detects, investigates, and contains malicious or compromised bots in multi-bot systems.
- Uses behavior analysis, policy enforcement, and escalation protocols for security.
- Defines detection signals such as privilege escalation, data exfiltration, and policy bypass attempts.
- Implements four escalating response levels from monitoring to cluster quarantine.
- Outlines required procedures for evidence collection, severity classification, and incident reporting.
Metadata
Frequently Asked Questions
What is Bot Police?
Detect, investigate, and contain malicious or compromised bots using behavior analysis, policy enforcement, and escalation protocols. It is an AI Agent Skill for Claude Code / OpenClaw, with 141 downloads so far.
How do I install Bot Police?
Run "/install bot-police" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Bot Police free?
Yes, Bot Police is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Bot Police support?
Bot Police is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Bot Police?
It is built and maintained by Adnane Arharbi (@arhadnane); the current version is v1.0.0.
More Skills