← Back to Skills Marketplace
wd041216-bit

IronClaw Security Guard

by Da Wei · GitHub ↗ · v0.2.0 · MIT-0
cross-platform ⚠ suspicious
128
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install ironclaw-security-guard
Description
Add lightweight defense-in-depth guardrails to OpenClaw with dangerous-command blocking, prompt-injection detection, secret redaction, and audit logging.
README (SKILL.md)

IronClaw Security Guard

Use this skill when an OpenClaw runtime needs lightweight security guardrails rather than a full sandbox.

What it is for

Use it when the user wants to:

  • reduce risky shell execution
  • protect sensitive paths and credentials
  • detect prompt-injection patterns in untrusted content
  • redact secrets before outgoing messages
  • keep an audit trail of risky or blocked behavior

What it covers

  • shell-risk filtering
  • protected path detection
  • prompt-injection heuristics
  • outbound secret redaction
  • audit logging
  • manual inspection through ironclaw_security_scan

When to use it

  • local-model deployments
  • tool-heavy OpenClaw setups
  • environments with chat, shell, web, and file tools enabled
  • operator workflows that need safety checks without a heavyweight sandbox

Non-goals

This skill does not:

  • provide container isolation
  • guarantee malware containment
  • replace OS, network, or credential-hygiene controls

Operating workflow

  1. Check whether the plugin is enabled or running in monitorOnly mode.
  2. Review configured allowlists, blocked command patterns, and protected path patterns.
  3. Use ironclaw_security_scan first when content or tool parameters look suspicious.
  4. Prefer the least-privileged path for shell, network, and messaging actions.
  5. If the plugin blocks a call, inspect the audit log before overriding safeguards.

Output expectations

Good use of this skill should usually produce:

  • a concise risk explanation
  • the matched finding category
  • a safer alternative when one exists
  • a note about whether the event should be audited or blocked
Usage Guidance
This plugin appears to do what it says: block destructive/sensitive tool calls, detect prompt-injection, redact secrets, and log audits. Before installing or enabling it in production: (1) review and, if needed, tighten protectedPathPatterns / blockedCommandPatterns and allowedOutboundHosts; (2) decide whether to start in monitorOnly mode to observe behavior before blocking; (3) configure auditLogPath to a secure location with proper file permissions (audit logs may contain previews of inputs that could include secrets); (4) enable redactPreview where appropriate; (5) run the included tests (npm test) and audit the code to ensure it meets your operational requirements. The only notable operational risk is local storage of potentially sensitive previews — mitigate by configuration and access controls.
Capability Analysis
Type: OpenClaw Skill Name: ironclaw-security-guard Version: 0.2.0 The ironclaw-security-guard plugin is a legitimate security utility designed to provide defense-in-depth guardrails for OpenClaw agents. It implements pattern-based detection and blocking for destructive shell commands (e.g., 'rm -rf', 'sudo'), protects sensitive system and credential paths (e.g., .ssh, .env, /etc/shadow), and provides automated secret redaction for outgoing messages. The logic in index.ts and src/scan.ts is transparently aimed at risk mitigation, and the instructions in SKILL.md are strictly defensive, advising the agent to treat external content as untrusted and avoid unauthorized data exfiltration.
Capability Assessment
Purpose & Capability
Name/description, SKILL.md, README, manifest, and TypeScript code all align: the plugin inspects payloads, classifies tools, blocks destructive shell patterns, detects prompt-injection, redacts secrets, exposes a manual scan tool, and writes an audit log. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
SKILL.md and the bundled skill instruct the agent to scan messages, tool params, and files and to use the ironclaw_security_scan tool before risky operations — this matches the code. The plugin records previews of inspected content to the audit log (JSONL) and may redact previews on request. That behaviour is expected for auditability, but it means the audit store can contain sensitive content unless redaction/configuration is used.
Install Mechanism
There is no download/install step in the registry metadata; this is a repository-style OpenClaw plugin (TypeScript source, package.json). No external URL downloads, no packaged install scripts, and no unusual install locations are present. Node >=22 is required per package.json — typical for a TypeScript plugin.
Credentials
The plugin declares no required environment variables or credentials, which is proportionate. It does scan for patterns that look like API keys and tokens but does not require or send any keys. The main caution: audit events (by default written to ~/.openclaw/logs/ironclaw-security-guard.audit.jsonl) may include previews of inputs that contain secrets — operators should consider configuring auditLogPath, enabling redaction, or restricting file permissions.
Persistence & Privilege
The plugin is not force-included (always:false). It registers hooks and a tool via OpenClaw's plugin API as expected; it writes audit logs to disk and does not modify other plugins' configs or request system-wide privileges. Autonomous invocation (disable-model-invocation:false) is the platform default and appropriate for a guard plugin.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install ironclaw-security-guard
  3. After installation, invoke the skill by name or use /ironclaw-security-guard
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.0
First public ClawHub release for the OpenClaw security guard plugin and bundled skill.
Metadata
Slug ironclaw-security-guard
Version 0.2.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is IronClaw Security Guard?

Add lightweight defense-in-depth guardrails to OpenClaw with dangerous-command blocking, prompt-injection detection, secret redaction, and audit logging. It is an AI Agent Skill for Claude Code / OpenClaw, with 128 downloads so far.

How do I install IronClaw Security Guard?

Run "/install ironclaw-security-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is IronClaw Security Guard free?

Yes, IronClaw Security Guard is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does IronClaw Security Guard support?

IronClaw Security Guard is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created IronClaw Security Guard?

It is built and maintained by Da Wei (@wd041216-bit); the current version is v0.2.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments