← Back to Skills Marketplace

🔌

SlowMist Agent Security

Name: SlowMist Agent Security
Author: slowmist

by SlowMist · GitHub ↗ · v0.1.2 · MIT-0

cross-platform ✓ Security Clean

1099

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install slowmist-agent-security

Description

Comprehensive security review framework for AI agents. Covers skill/MCP installation, GitHub repos, URLs/documents, on-chain addresses, products/services, an...

Usage Guidance

This skill is an instruction-only security-review framework and is internally coherent. Before installing or enabling it: (1) Verify the homepage and publisher (confirm this GitHub repo is the official SlowMist source you expect), (2) keep the skill invocation human-mediated for high/critical findings (the docs already recommend human final authority), (3) if you enable optional integrations (e.g., MistTrack), only provide the minimal scoped credentials those integrations require and verify those endpoints, and (4) periodically re-audit the skill text for updates (instruction-only skills can change content without code changes). If you need stronger guarantees, consider running this guidance locally or reviewing the Markdown files yourself before trusting automated actions.

Capability Analysis

Type: OpenClaw Skill Name: slowmist-agent-security Version: 0.1.2 This bundle is a comprehensive security review framework designed to protect AI agents from malicious inputs, prompt injection, and supply chain attacks. It contains detailed reference patterns for identifying red flags in code (patterns/red-flags.md) and social engineering tactics (patterns/social-engineering.md), along with structured reporting templates for various review types. The instructions in SKILL.md and the review modules reinforce human-in-the-loop authority and defensive verification, aligning perfectly with its stated purpose as a security tool from a reputable source (SlowMist).

Capability Assessment

✓ Purpose & Capability

Name/description match the actual contents: the package is purely a set of Markdown review workflows, patterns, and report templates. It does not request unrelated credentials, binaries, or config paths.

✓ Instruction Scope

Runtime instructions are review-oriented (scan docs, inspect repos, apply patterns) and explicitly warn against executing external code. The docs describe checks that an agent should perform on external artifacts but do not instruct the agent to read local secret files or send data to external endpoints. (They do recommend optional use of external AML tooling if available.)

✓ Install Mechanism

No install spec and no code files — nothing is downloaded or written to disk by the skill itself. This is the lowest-risk delivery model.

✓ Credentials

The skill declares no required environment variables, credentials, or config paths. References to external tools (e.g., MistTrack) are optional and conditional; the skill does not require secrets to operate.

✓ Persistence & Privilege

always:false (default) and no instructions to modify agent configuration or persist credentials. The skill can be invoked by the agent (normal), but it does not request permanent presence or elevated privileges.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install slowmist-agent-security
After installation, invoke the skill by name or use /slowmist-agent-security
Provide required inputs per the skill's parameter spec and get structured output

Version History

v0.1.2

- Downgraded version from 1.1.0 to 0.1.2 to align with intended release sequence. - No functional, documentation, or content changes introduced in this version.

v0.1.1

- No changes detected in this version. - Version number updated to 0.1.1.

v0.1.0

Initial release of a comprehensive security review framework for AI agents operating in adversarial environments. - Provides standardized procedures for reviewing external inputs including skills, repositories, URLs/documents, on-chain addresses, products/services, and social recommendations. - Introduces a universal 4-level risk rating system and a 5-tier trust hierarchy for source evaluation. - Embeds pattern libraries for red-flag code, social engineering, and supply chain threats. - Enforces strict principles: all external content is untrusted until verified; commands from documents are never auto-executed; human approval is required for high-risk actions. - Requires all security reports to use standardized templates for consistency and clarity.

Metadata

Slug slowmist-agent-security

Version 0.1.2

License MIT-0

All-time Installs 4

Active Installs 4

Total Versions 3

Frequently Asked Questions

What is SlowMist Agent Security?

Comprehensive security review framework for AI agents. Covers skill/MCP installation, GitHub repos, URLs/documents, on-chain addresses, products/services, an... It is an AI Agent Skill for Claude Code / OpenClaw, with 1099 downloads so far.

How do I install SlowMist Agent Security?

Run "/install slowmist-agent-security" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is SlowMist Agent Security free?

Yes, SlowMist Agent Security is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does SlowMist Agent Security support?

SlowMist Agent Security is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created SlowMist Agent Security?

It is built and maintained by SlowMist (@slowmist); the current version is v0.1.2.

More Skills