← Back to Skills Marketplace
thebrierfox

Paid Bash Security V1.1

by ~K¹yle Million · GitHub ↗ · v1.1.1 · MIT-0
cross-platform ⚠ suspicious
84
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install paid-bash-security-v1-1
Description
23-validator bash security chain validated in production Claude Code deployments. Every check closed a real attack vector.
Usage Guidance
This package is an instruction-only document that claims to install a 23-validator runtime security chain but contains no validator code or architecture file it references. Do not rely on it for real protection. Before installing or changing your agent's SOUL.md to 'strict': - Demand the actual implementation: request the BASH_SECURITY_ARCHITECTURE.md and the validator scripts or a verifiable install package (GitHub repo or signed release). Verify code existence and review it. - If you want to experiment, keep enforcement in 'audit' mode only and test in a safe environment; do not enable strict blocking until you can confirm validators are present and functioning. - Verify the skill's source and homepage; this package has unknown source and no homepage — treat it as untrusted until provenance is established. - Prefer obtaining security validators from an auditable repository or a vetted vendor rather than a document that only instructs you to edit agent prompts. If the author supplies the missing files and an auditable install mechanism, re-evaluate for coherence and safety.
Capability Assessment
Purpose & Capability
The skill's description asserts it 'installs a 23-validator bash security chain' and 'activates on every exec', but the package contains only SKILL.md (no code, no scripts, no BASH_SECURITY_ARCHITECTURE.md despite referencing it). There is no install spec, no binaries, and no files that could implement runtime validators — i.e., the requested/available artifacts do not support the claimed capability.
Instruction Scope
Runtime instructions tell the user to copy SKILL.md into ~/.openclaw/workspace/skills/... and to change the agent system prompt (SOUL.md) to enable 'strict' enforcement. The instructions claim behavioral changes (validator intercepts every exec) but provide no code or guidance that would actually implement those validators. They do not request unrelated secrets or files, but they misleadingly instruct the user to update persistent agent configuration for a feature that isn't present.
Install Mechanism
There is no install spec and no code files — from an installation-risk perspective this is low risk (nothing will be downloaded or executed). However, low technical risk here is overshadowed by the mismatch between claims and contents.
Credentials
The skill declares no required environment variables, credentials, or config paths. It does ask the operator to edit the agent system prompt (SOUL.md), which is a normal configuration change for behavior, but it does not request secrets or unrelated credentials.
Persistence & Privilege
The skill does not set always:true and is user-invocable (defaults). It instructs changing the agent's SOUL.md to enable enforcement mode — that is a persistent change to agent behavior and should be done cautiously. Autonomous invocation is allowed by default (not a specific red flag), but combining persistent system-prompt changes with the claimed automatic interception behavior is problematic because the validators that would enforce that behavior are absent.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install paid-bash-security-v1-1
  3. After installation, invoke the skill by name or use /paid-bash-security-v1-1
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.1
Remove Anthropic attribution language
Metadata
Slug paid-bash-security-v1-1
Version 1.1.1
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Paid Bash Security V1.1?

23-validator bash security chain validated in production Claude Code deployments. Every check closed a real attack vector. It is an AI Agent Skill for Claude Code / OpenClaw, with 84 downloads so far.

How do I install Paid Bash Security V1.1?

Run "/install paid-bash-security-v1-1" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Paid Bash Security V1.1 free?

Yes, Paid Bash Security V1.1 is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Paid Bash Security V1.1 support?

Paid Bash Security V1.1 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Paid Bash Security V1.1?

It is built and maintained by ~K¹yle Million (@thebrierfox); the current version is v1.1.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments