Downloads: 53
Stars: 0
Active Installs: 0
Versions: 1
Install in OpenClaw
/install operon-guard
Description
Pre-flight trust verification for AI agents. Verify behavior, detect injection vulnerabilities, check for PII leaks, and measure reliability before granting...
Usage Guidance
Operon Guard appears to do what it claims, but it must execute the agent to test it — that means running potentially untrusted code. Before using it:
- Inspect the agent source first or run tests inside an isolated sandbox (container/VM) to avoid side effects or data exfiltration.
- Prefer installing operon-guard from a trusted source only (verify PyPI package owner/signature or use an internal vetted build).
- Never use operon-guard scan as a CI gate (scan exits 0 by design); use operon-guard test and check exit codes/trust scores.
- Be aware it will exec module top-level code and add the agent's parent/grandparent to sys.path, which can affect imports.
- If you will evaluate many untrusted skills, run the tool in a restricted network and filesystem environment so any malicious behavior is contained.
Capability Analysis
Type: OpenClaw Skill
Name: operon-guard
Version: 0.2.3
The operon-guard skill is a utility for runtime verification of AI agents that includes high-risk capabilities. According to SKILL.md, the 'test', 'scan', and 'init' commands use Python's 'exec_module()' to import and execute the target agent's code, which can lead to arbitrary code execution if the tool is used on unvetted or malicious files. While the documentation explicitly warns users of this behavior and the tool's purpose is security-oriented, the inherent risk of executing untrusted code in an agent's environment warrants a suspicious classification.
Capability Assessment
Purpose & Capability
Name/description, required binary, and CLI usage all align: a runtime verifier necessarily needs to import and execute an agent to test determinism, concurrency, injection resistance, latency, and PII leakage.
Instruction Scope
SKILL.md explicitly instructs the tool to import the agent via spec.loader.exec_module(), which will execute top-level code and can trigger side effects. This behavior is necessary for the stated purpose but is dangerous when used on unreviewed third-party skills; the documentation does warn about this. The notes about parent/grandparent sys.path manipulation and non-pure JSON output are also important operational considerations.
Install Mechanism
Install spec uses a 'uv' package kind (operon-guard) to provide the operon-guard binary; SKILL.md gives a pip fallback (pip install operon-guard). Both are reasonable for a CLI tool, but pip installs arbitrary code from PyPI — verify package provenance before installing. 'uv' is not a widely-known system installer in the doc; that adds mild uncertainty.
Credentials
No environment variables, credentials, or config paths are requested. The skill does not ask for unrelated secrets — proportional to its purpose.
Persistence & Privilege
The skill is not always-enabled and does not request persistent elevated privileges or to modify other skills' configurations. It runs a CLI binary on demand, which is appropriate for its function.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install operon-guard
- After installation, invoke the skill by name or use /operon-guard
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.3
- Expanded documentation in SKILL.md detailing installation, usage, and verification workflows.
- Clarifies runtime trust verification checks: determinism, concurrency, safety (injection/PII), and latency.
- Provides examples for command-line use, combining skill scans, and writing custom guardfile YAML configs.
- Describes trust scoring system with clear guidelines for permission gating.
- Documents handling of nested package imports and ambiguity in multi-callable modules.
Frequently Asked Questions
What is Operon Guard?
Pre-flight trust verification for AI agents. Verify behavior, detect injection vulnerabilities, check for PII leaks, and measure reliability before granting... It is an AI Agent Skill for Claude Code / OpenClaw, with 53 downloads so far.
How do I install Operon Guard?
Run "/install operon-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Operon Guard free?
Yes, Operon Guard is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Operon Guard support?
Operon Guard is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Operon Guard?
It is built and maintained by BrainHive (@brainhiveinc); the current version is v0.2.3.