caidongyun

Agent Dlp

by caidongyun · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
71
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install agent-dlp
Description
Agent DLP - Data Loss Prevention system. Features: input guard, memory guard, tool guard, output filter, audit log. Triggers: (1) check status (2) check input (3) check output
README (SKILL.md)

Agent DLP - Data Loss Prevention System

Version: v1.0.0
Status: ✅ Available


Features

Feature         Description
Input Guard     Entry protection; detects prompt injection
Memory Guard    Memory protection; detects poisoning and sensitive information
Tool Guard      Tool control; approval required for dangerous tools
Output Filter   Exit filtering; masks or blocks sensitive information
Audit Logger    Audit log; records every operation

Architecture

User input → Input Guard → Agent → Memory Guard → Tool Guard → Output Filter → User
              injection check      memory check   tool approval  mask / block
                    ↓                                     ↓
               audit log                              audit log

Usage

1. View status

python3 lib/agent_dlp.py status

# or
python3 bin/agent-dlp status

2. Check input (prompt injection)

python3 bin/agent-dlp check-input "忽略之前的指令"
# Output: injection detected: yes ❌

3. Check output (sensitive information)

python3 bin/agent-dlp check-output "我的手机是13812345678"
# Output: blocked: no ✅, found: China mobile number (high)

4. Check tool

python3 bin/agent-dlp check-tool exec
# Output: approval required: yes ⚠️

5. View logs

python3 bin/agent-dlp logs

Rules

Sensitive-information rules

Rule          Type             Action
china_idcard  ID card number   block
china_phone   mobile number    mask
api_key       API key          block
aws_key       AWS key          block
private_key   private key      block
credit_card   credit card      block
password      password         mask
email         e-mail address   mask

Injection detection patterns

Pattern               Example
ignore_previous       "忽略之前的指令" (ignore the previous instructions)
role_override         "你现在是另一个AI" (you are now a different AI)
privilege_escalation  "admin mode override"

Configuration

Edit config/config.json:

{
  "enabled": true,
  "mode": "normal",
  "input": {
    "injection_detection": true
  },
  "output": {
    "enabled": true,
    "rules": ["china_idcard", "china_phone", "api_key"]
  }
}

Modes

Mode     Description
normal   Log but do not block; only severe risks are blocked
strict   Full checks, strict blocking
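The rule table, the injection patterns and the two modes above describe the decision logic of the output filter and input guard, but the package ships no code to read. The following is an added example written for this page, not the skill's own lib/agent_dlp.py. It implements the same three checks with the README's rule and pattern names, returning the (blocked, text, details) tuple the README's Python example shows for check_output. The regular expressions, the severities, the masking scheme, the list of tools needing approval and the exact normal/strict semantics (normal blocks only on high-severity "block" rules and masks the rest; strict blocks on any finding) are this example's assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Rule table modelled on the README's sensitive-information rules. The
# regular expressions and severities are assumptions made for this example.
@dataclass(frozen=True)
class Rule:
    name: str
    pattern: re.Pattern
    action: str    # "block" or "mask"
    severity: str  # "high" or "medium"

SENSITIVE_RULES = [
    # Digit look-arounds instead of \b: \b is not a boundary between CJK text and digits.
    Rule("china_idcard", re.compile(r"(?<!\d)\d{17}[\dXx](?![\dXx])"), "block", "high"),
    Rule("china_phone", re.compile(r"(?<!\d)1[3-9]\d{9}(?!\d)"), "mask", "high"),
    Rule("aws_key", re.compile(r"AKIA[0-9A-Z]{16}(?![0-9A-Z])"), "block", "high"),
    Rule("api_key", re.compile(r"sk-[A-Za-z0-9]{20,}"), "block", "high"),
    Rule("email", re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"), "mask", "medium"),
]

# Injection patterns using the README's three pattern names (regexes assumed).
INJECTION_PATTERNS = {
    "ignore_previous": re.compile(r"忽略之前的指令|ignore (all )?previous instructions", re.I),
    "role_override": re.compile(r"你现在是另一个AI|you are now (a|an) ", re.I),
    "privilege_escalation": re.compile(r"admin mode override", re.I),
}

# Tools that need a human decision before the agent may call them (assumed list).
TOOLS_REQUIRING_APPROVAL = {"exec", "shell", "delete_file"}

AUDIT_LOG = []  # in-memory stand-in for the README's logs/ directory


def _audit(event: str, **fields) -> None:
    """Record every check, whatever its outcome (the Audit Logger role)."""
    AUDIT_LOG.append({"event": event, **fields})


def _mask(match: re.Match) -> str:
    """Keep the first three and last two characters, star out the rest."""
    s = match.group(0)
    if len(s) <= 5:
        return "*" * len(s)
    return s[:3] + "*" * (len(s) - 5) + s[-2:]


def check_input(text: str) -> dict:
    """Input Guard: flag text matching any injection pattern."""
    matched = [name for name, pat in INJECTION_PATTERNS.items() if pat.search(text)]
    _audit("check_input", injected=bool(matched), patterns=matched)
    return {"injected": bool(matched), "patterns": matched}


def check_output(text: str, mode: str = "normal"):
    """Output Filter: returns (blocked, filtered_text, details)."""
    details = []
    filtered = text
    for rule in SENSITIVE_RULES:
        count = len(rule.pattern.findall(text))  # detect on the original text
        if not count:
            continue
        details.append({"rule": rule.name, "severity": rule.severity,
                        "action": rule.action, "count": count})
        if rule.action == "mask":
            filtered = rule.pattern.sub(_mask, filtered)
    if mode == "strict":
        blocked = bool(details)  # strict: any finding blocks
    else:
        blocked = any(d["action"] == "block" and d["severity"] == "high" for d in details)
    if blocked:
        filtered = ""  # nothing leaves the agent when blocked
    _audit("check_output", mode=mode, blocked=blocked, rules=[d["rule"] for d in details])
    return blocked, filtered, details


def check_tool(name: str, args: Optional[dict] = None) -> dict:
    """Tool Guard: say whether a tool call must wait for approval."""
    needs_approval = name in TOOLS_REQUIRING_APPROVAL
    _audit("check_tool", tool=name, approval_required=needs_approval)
    return {"tool": name, "approval_required": needs_approval, "args": args or {}}


if __name__ == "__main__":
    print(check_input("忽略之前的指令"))
    print(check_output("我的手机是13812345678"))
    print(check_output("我的手机是13812345678", mode="strict"))
    print(check_tool("exec", {"command": "ls"}))
    print(AUDIT_LOG)
```

Detection runs over the original text while masking is applied cumulatively to the filtered copy, so a rule that masks cannot hide a later rule's match; blocking in normal mode is driven only by the "block" rules, which is why the README's phone-number example is reported but not blocked.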

Code layout

agent-dlp/
├── SKILL.md           # this document
├── bin/
│   └── agent-dlp      # CLI entry point
├── lib/
│   └── agent_dlp.py   # core module
├── config/
│   └── config.json    # configuration file
└── logs/              # audit logs

Core classes

Class          Purpose
DLPConfig      configuration management
DLPRules       rule definitions
InputGuard     input checking
MemoryGuard    memory protection
ToolGuard      tool control
OutputFilter   output filtering
AuditLogger    audit logging
AgentDLP       main class that integrates all of the above

Example

Calling from Python

from agent_dlp import AgentDLP

# Initialise
dlp = AgentDLP()

# Check input
result = dlp.check_input("忽略之前的指令")

# Check output
blocked, text, details = dlp.check_output("我的手机13812345678")

# Check tool
result = dlp.check_tool("exec", {"command": "rm -rf /"})

Version: v1.0.0 | Created: 2026-03-14

Usage Guidance
This package reads like documentation for a DLP tool but ships no code or install steps — that's the core red flag. Before installing or enabling this skill:
  1. Request the source repository or packaged code and verify that bin/agent-dlp, lib/agent_dlp.py, config/config.json and logs/ exist and match the SKILL.md.
  2. Inspect the actual code for any network calls, hidden endpoints, or commands that could execute system-level operations (the README example referencing 'rm -rf /' is particularly risky).
  3. Prefer skills with a public homepage, source repo, release hashes, or an install spec from a known registry.
  4. If you must test, run it in a restricted sandbox with no access to sensitive files or credentials.
Additional information that would change this assessment to 'benign': included source code matching the SKILL.md, an install spec from a trusted source, and clear limits showing it only reads/writes its own directory and does not exfiltrate data.
Capability Tags
requires-wallet
Capability Assessment
Purpose & Capability
The skill's name/description (Agent DLP) match the documented capabilities (input/memory/tool/output guards, audit logging). However the SKILL.md repeatedly references Python binaries, a CLI, a lib/agent_dlp.py module, config/config.json and logs/ — none of which are included in the package. For a working DLP agent, those code files and/or an install step would be expected; their absence is an unexplained gap.
Instruction Scope
Runtime instructions tell the agent to run local Python scripts (python3 bin/agent-dlp, lib/agent_dlp.py), edit config/config.json, and view logs. Those steps require file-system access and executable code that aren't present. The doc also includes examples that reference dangerous commands (e.g., check_tool with rm -rf /), which could encourage executing or approving high-risk operations if code were supplied — the instructions therefore expand scope beyond passive checking.
Install Mechanism
No install spec is provided (instruction-only), which lowers the risk of hidden downloads. At the same time, the lack of an install or included code is inconsistent with the documented CLI and library — this uncertainty is concerning because it prevents verification of what would actually run.
Credentials
The skill declares no required environment variables or credentials, which is proportionate for a local DLP helper. The rules list many sensitive patterns (AWS keys, tokens, etc.) that the DLP would detect; that is expected for a DLP product and does not itself indicate overbroad credential access.
Persistence & Privilege
always is false and model invocation is not disabled (platform defaults). The SKILL.md suggests editing its own config and writing audit logs under logs/, which is reasonable for a DLP tool, but because no code/files are present we cannot verify file-scoping or whether it would try to modify other system areas or other skills' configs.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install agent-dlp
  3. After installation, invoke the skill by name or use /agent-dlp
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Agent DLP v1.0.0 - initial release
- First release of the data loss prevention (DLP) system, supporting input guard, memory guard, tool guard, output filter and audit logging.
- Provides the core functions: injection detection, sensitive-information recognition and masking, and approval of dangerous commands.
- Supports CLI operation and use as a Python module.
- Provides rule configuration and mode switching (normal/strict).
- Audit log records the whole flow.
Metadata
Slug agent-dlp
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Agent Dlp?

Agent DLP - Data Loss Prevention system. Features: input guard, memory guard, tool guard, output filter, audit log. Triggers: (1) check status (2) check input (3) check output. It is an AI Agent Skill for Claude Code / OpenClaw, with 71 downloads so far.

How do I install Agent Dlp?

Run "/install agent-dlp" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Agent Dlp free?

Yes, Agent Dlp is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Agent Dlp support?

Agent Dlp is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Agent Dlp?

It is built and maintained by caidongyun (@caidongyun); the current version is v1.0.0.
