← Back to Skills Marketplace
brunopradof

OpenClaw Shield

by brunopradof · GitHub ↗ · v1.4.2 · MIT-0
cross-platform ✓ Security Clean
846
Downloads
2
Stars
8
Active Installs
38
Versions
Install in OpenClaw
/install openclaw-shield-upx
Description
Security monitoring and threat detection for OpenClaw agents — powered by Google SecOps (Chronicle). Protect your agent with SIEM-powered real-time detection...
Usage Guidance
This skill is a thin adapter telling the agent how to use the UPX/OpenClaw Shield plugin. Before installing/activating the underlying plugin, confirm you trust UPX and their telemetry practices: Shield captures agent activity locally and sends redacted telemetry to UPX's platform (per the SKILL.md). Review the plugin README and UPX privacy/security docs, verify how installation keys are stored and who can access them, and consider inspecting the plugin code or running it in an isolated/test environment if you need stronger assurances about redaction and data handling. If you want the agent to show raw logs, only allow that in-session and be aware raw logs may contain sensitive paths/commands/URLs.
Capability Analysis
Type: OpenClaw Skill Name: openclaw-shield-upx Version: 1.4.2 The openclaw-shield-upx skill is a legitimate security monitoring integration for the UPX Shield platform (uss.upx.com). It provides tools for SIEM-powered threat detection, log auditing, and case management. The SKILL.md instructions include strong privacy constraints, explicitly forbidding the agent from exposing raw log data (like file paths or URLs) or taking remediation actions without user consent. While it involves telemetry exfiltration, this is the core stated purpose of the tool and is handled via a disclosed redaction process.
Capability Assessment
Purpose & Capability
Name/description match the requested capabilities: SKILL.md instructs only to use the OpenClaw Shield plugin and the openclaw binary. Required binary (openclaw) is appropriate and expected for this skill.
Instruction Scope
Runtime instructions limit the agent to running `openclaw shield` commands, forbid reading filesystem paths or env vars for state, and prohibit sending raw logs externally; behavior stays within the stated scope. The doc does allow presenting raw log content if the user explicitly requests it in-session (a privacy-sensitive but user-driven action).
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk install posture. The README instructs installing the separate plugin package, which is appropriate and expected.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. The SKILL.md states authentication is handled by the plugin via an installation key (outside this skill), which aligns with the purpose.
Persistence & Privilege
always:false and no special persistence. The skill is user-invocable and allows autonomous model invocation (platform default) but does not request elevated platform privileges or modify other skills.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-shield-upx
  3. After installation, invoke the skill by name or use /openclaw-shield-upx
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.4.2
v1.4.2: investigate command, help command, close/resolve aliases, improved case notifications, expanded test coverage
v0.9.2
v0.9.2: guided investigate command, help command, close/resolve aliases, improved case notifications, expanded test coverage
v1.4.1
Log output handling rules are now explicit — prescriptive data handling prevents accidental exfiltration of sensitive content from shield logs
v1.4.0
Status redesign, Google SecOps branding, browser event fix, batch notifications, 60-day trial, stability hardening for VPS deployments
v0.8.1
Status redesign, Google SecOps branding, browser event fix, batch notifications, 60-day trial, stability hardening for VPS deployments
v1.3.6
Remove --mine flag and ownership UX (cases now instance-scoped by default at API level)
v1.3.5
Fix: add data flow disclosure so scanner correctly attributes external telemetry to plugin, not skill
v1.3.4
Fix: remove API transport reference from sibling case description to clarify authorization scope
v1.3.3
Fix: added output handling constraint for sensitive log fields to restore clean instruction scope scan
v1.3.2
v0.7.2: meaningful event summaries, trigger attribution visibility, updater safety fixes
v1.3.1
Plugin state A/B/C/D documentation, case investigation workflow, expanded uninstall docs, openclaw plugins install/uninstall commands
v1.3.0
v1.3.0: improved discoverability, plugin health-check onboarding, tuned detection thresholds
v0.6.9
M4: Improved discoverability for SIEM/security queries, plugin health-check onboarding (States A-D), license distribution note, state field in status RPC
v1.2.5
SIEM added to description and discoverability; Shield overview leads the skill; requires.bins declared for scanner; plugin state check moved after commands; prepublish guard updated to allow industry-standard security terms
v1.2.4
Onboarding UX: first-timer links point to trial landing page; expanded discoverability for threat detection, agent protection, audit queries; removed requires gate with 4-state plugin health-check preamble; added case triage and protection posture guidance
v1.2.3
License metadata correction: proprietary UPX license
v1.2.2
License metadata correction
v1.2.1
Simplified: use display field from RPC responses
v1.2.0
Case formatting guidelines: severity emojis, visual blocks, actionable next steps
v1.1.9
Documentation improvements, exclusions feature, ClawHub confidence guards
Metadata
Slug openclaw-shield-upx
Version 1.4.2
License MIT-0
All-time Installs 8
Active Installs 8
Total Versions 38
Frequently Asked Questions

What is OpenClaw Shield?

Security monitoring and threat detection for OpenClaw agents — powered by Google SecOps (Chronicle). Protect your agent with SIEM-powered real-time detection... It is an AI Agent Skill for Claude Code / OpenClaw, with 846 downloads so far.

How do I install OpenClaw Shield?

Run "/install openclaw-shield-upx" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is OpenClaw Shield free?

Yes, OpenClaw Shield is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does OpenClaw Shield support?

OpenClaw Shield is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created OpenClaw Shield?

It is built and maintained by brunopradof (@brunopradof); the current version is v1.4.2.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments