← Back to Skills Marketplace
274
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install clawlite-openclaw-security-guard
Description
This skill should be used when the user asks to harden agent workflows, audit prompts/commands/URLs/paths, scan a third-party skill before install or publish...
README (SKILL.md)
OpenClaw Security Guard
Use this skill to run fast local security checks before trusting or publishing automation.
What this skill is for
Run this skill when you need to:
- scan suspicious text for prompt injection / secret leakage patterns
- validate shell commands before automation or publishing
- validate URLs for SSRF / localhost / metadata access risks
- validate file paths for traversal / sensitive file access
- audit a skill folder for dangerous scripts, hardcoded secrets, exfiltration patterns, or unsafe install/publish flows
- add a lightweight self-defense layer before using external skills
Workflow
- Choose the narrowest check needed.
- Run one of the bundled scripts.
- Treat
BLOCKas stop-work until reviewed. - Treat
WARNas requiring human review or a narrower sandbox. - For skill audits, review the flagged file lines before install/publish.
Bundled scripts
1) Quick text / command / URL / path checks
node {baseDir}/scripts/security-check.mjs text "\x3Ccontent>"
node {baseDir}/scripts/security-check.mjs command "\x3Cshell command>"
node {baseDir}/scripts/security-check.mjs url "\x3Curl>"
node {baseDir}/scripts/security-check.mjs path "\x3Cpath>"
2) Skill / folder audit
node {baseDir}/scripts/audit-skill-dir.mjs /absolute/or/relative/path/to/skill
3) Write audit into Obsidian vault
node {baseDir}/scripts/write-obsidian-audit.mjs /tmp/audit.json "Skill Audit - my-skill"
This writes a markdown audit note into the ClawLite Obsidian vault under Security Audits/.
4) Install lightweight local hook wrapper
bash {baseDir}/scripts/install-hooks.sh
This installs a reusable workspace script for prepublish checks.
This audits for:
- hardcoded secrets / tokens
- curl|bash / wget|sh installers
- destructive shell patterns
- risky exfiltration / webhook / netcat usage
- suspicious file targets like
~/.ssh,/etc/passwd,.env,id_rsa
Verdicts
ALLOW— no high-risk pattern found in this lightweight passWARN— review manually before proceedingBLOCK— do not trust / run / publish until reviewed
Important limits
- This is a lightweight guard, not a full sandbox.
- Regex-based detection catches common dangerous patterns, not all attacks.
- A clean result does not prove safety.
- For high-risk code, still prefer human review and runtime isolation.
Publishing / install guard
Before publishing or installing a skill from GitHub / ClawHub:
- run
audit-skill-dir.mjs - inspect every
WARN/BLOCK - only proceed when the remaining risk is understood
References
If you need the audit categories / philosophy, read:
{baseDir}/references/checklist.md
Usage Guidance
This skill appears to implement a useful local pre-publish/audit tool, but review it locally before running: 1) Ensure you have Node available (scripts rely on node but the skill metadata doesn't declare it). 2) Inspect write-obsidian-audit.mjs — it writes to a hard-coded path (/Users/m1/...) that likely belongs to the author; change it or delete that behavior before running to avoid unexpected writes. 3) The install-hooks.sh will create a script in $HOME/.openclaw/workspace — accept only if you want that helper installed. 4) Because the audit script reads files under whatever path you supply, avoid pointing it at sensitive system directories unless you intend to allow reading those files. 5) Prefer running the scripts in an isolated environment (container or throwaway account) and manually inspect the code (especially file-write locations) before giving the skill filesystem access. If you want higher assurance, ask the author to remove hard-coded paths and to declare Node as a required runtime.
Capability Analysis
Type: OpenClaw Skill
Name: clawlite-openclaw-security-guard
Version: 0.2.1
The skill provides a suite of local security auditing tools designed to scan code, shell commands, URLs, and file paths for common vulnerabilities, hardcoded secrets, and malicious patterns. The core logic in scripts like audit-skill-dir.mjs and security-check.mjs uses regex-based detection to identify risks such as prompt injection, SSRF, and data exfiltration in other files. The installation script (install-hooks.sh) sets up a local prepublish wrapper, and the overall behavior is transparent and strictly aligned with its stated purpose as a security guard for the OpenClaw environment.
Capability Assessment
Purpose & Capability
The skill's name, description, and scripts align: it scans text/commands/URLs/paths and audits skill folders. One mismatch: the package includes Node and bash scripts but the registry metadata lists no required binaries; a legitimate skill should declare Node (and/or bash) as a dependency/runtime requirement.
Instruction Scope
SKILL.md and scripts instruct the agent to read arbitrary target directories (audit-skill-dir) and to write audit notes to disk. write-obsidian-audit.mjs uses a hard-coded vault path (/Users/m1/Desktop/obsidianvault/ClawLite) which is a leak of the packager's local path and will attempt to write to that exact location when run — unexpected and undesirable. The install-hooks.sh writes a helper script into $HOME/.openclaw/workspace which modifies the user's home workspace; this is documented but is an automatic filesystem modification that users should be warned about.
Install Mechanism
There is no remote download/install step; the skill ships its scripts in the package. That lowers supply-chain risk. The included install-hooks.sh does create a script in the user's $HOME which is a local change but not a remote installation.
Credentials
The skill does not request any environment variables or credentials (good). However, scripts write into $HOME and a hard-coded absolute path to an Obsidian vault; the latter is unrelated to the stated purpose and appears to be a leftover developer path. No secrets are requested, but the auditing scripts will read files under whatever target directory is provided (expected for an audit tool).
Persistence & Privilege
always:false (good). The only persistent change is install-hooks.sh which installs a helper script under $HOME/.openclaw/workspace — this is scope-limited to the user's workspace but it does modify the filesystem and create an executable helper. The skill does not attempt to modify other skills or global agent settings beyond that helper install.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clawlite-openclaw-security-guard - After installation, invoke the skill by name or use
/clawlite-openclaw-security-guard - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.1
Align description with when-to-use trigger language and add keyword metadata.
v0.2.0
Add prepublish guard, Obsidian audit writer, and lightweight hook installer wrapper.
v0.1.0
Initial lightweight security guard for OpenClaw prompts, commands, URLs, paths, and skill-folder audits.
Metadata
Frequently Asked Questions
What is OpenClaw Security Guard?
This skill should be used when the user asks to harden agent workflows, audit prompts/commands/URLs/paths, scan a third-party skill before install or publish... It is an AI Agent Skill for Claude Code / OpenClaw, with 274 downloads so far.
How do I install OpenClaw Security Guard?
Run "/install clawlite-openclaw-security-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw Security Guard free?
Yes, OpenClaw Security Guard is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does OpenClaw Security Guard support?
OpenClaw Security Guard is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw Security Guard?
It is built and maintained by X-RayLuan (@x-rayluan); the current version is v0.2.1.
More Skills