AIP Security Guard

by sunilp · GitHub ↗ · v0.1.0 · MIT-0
cross-platform · ⚠ suspicious

62 Downloads · 0 Stars · 0 Active Installs · 1 Versions

Install in OpenClaw: /install aip-security-guard
Description
Verify skill authorship, enforce declared permissions, and audit tool usage to secure OpenClaw environments using Agent Identity Protocol.
README (SKILL.md)

AIP Security Guard

Verify skill authors, enforce capability manifests, and audit tool calls. Adds identity and access control to your OpenClaw setup.

Setup

npm install -g aip-openclaw

Commands

  • "verify skill [name]" -- check signature and manifest of an installed skill
  • "show audit log" -- display recent tool call audit trail
  • "security status" -- show which skills are signed, unsigned, or blocked
  • "trust author [key]" -- add an author to your local trust list

How It Works

AIP Security Guard uses the Agent Identity Protocol (AIP) to verify skill authors via Ed25519 signatures and enforce capability manifests that declare what each skill is allowed to do.

Each skill can optionally include:

  • .aip-signature -- signed envelope proving the skill hasn't been tampered with
  • aip-manifest.toml -- declaration of allowed MCP tools, network access, file access, shell, budget

The guard runs outside OpenClaw's trust boundary. All decisions are logged to an audit trail.
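The two mechanisms described above (an author signature over the skill's files, checked against a local trust list, and a manifest that is enforced and audited at tool-call time) can be sketched in a few dozen lines. The following is an added example written for this page; it is not code from the aip-openclaw package or from the skill's author. It assumes a detached Ed25519 signature over a canonical digest of the skill files and a minimal TOML subset for the manifest (a `[tools]` table with an `allow` array); the real layout of `.aip-signature` and `aip-manifest.toml` is not shown on this page, and the key pair, file contents and tool names below are constructed sample input.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"sort"
	"strings"
)

// SkillFiles maps a path inside the skill directory to its content.
type SkillFiles map[string]string

// digest hashes the skill files in a canonical order (sorted by path,
// length-prefixed) so that any change to any file changes the digest.
func digest(files SkillFiles) []byte {
	paths := make([]string, 0, len(files))
	for p := range files {
		paths = append(paths, p)
	}
	sort.Strings(paths)
	h := sha256.New()
	for _, p := range paths {
		fmt.Fprintf(h, "%s\x00%d\x00%s\x00", p, len(files[p]), files[p])
	}
	return h.Sum(nil)
}

// SignSkill produces a detached Ed25519 signature over the skill digest
// (assumed stand-in for what a .aip-signature envelope would carry).
func SignSkill(priv ed25519.PrivateKey, files SkillFiles) []byte {
	return ed25519.Sign(priv, digest(files))
}

// VerifySkill accepts the skill only if the author key is on the local
// trust list AND the signature covers exactly the files on disk.
func VerifySkill(trusted []ed25519.PublicKey, author ed25519.PublicKey, files SkillFiles, sig []byte) bool {
	onList := false
	for _, t := range trusted {
		onList = onList || t.Equal(author)
	}
	return onList && ed25519.Verify(author, digest(files), sig)
}

// Manifest records which MCP tools a skill declares it may call.
type Manifest struct{ Tools map[string]bool }

// ParseManifest reads the minimal TOML subset assumed for this example:
// a [tools] table containing `allow = ["tool_a", "tool_b"]`.
func ParseManifest(text string) Manifest {
	m := Manifest{Tools: map[string]bool{}}
	section := ""
	for _, raw := range strings.Split(text, "\n") {
		line := strings.TrimSpace(raw)
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		if strings.HasPrefix(line, "[") && strings.HasSuffix(line, "]") {
			section = strings.Trim(line, "[]")
			continue
		}
		key, val, ok := strings.Cut(line, "=")
		if !ok || section != "tools" || strings.TrimSpace(key) != "allow" {
			continue
		}
		for _, item := range strings.Split(strings.Trim(strings.TrimSpace(val), "[]"), ",") {
			if name := strings.Trim(strings.TrimSpace(item), `"`); name != "" {
				m.Tools[name] = true
			}
		}
	}
	return m
}

// AuditEntry is one decision in the audit trail.
type AuditEntry struct {
	Skill, Tool string
	Allowed     bool
}

// Guard enforces the manifest at call time and logs every decision,
// denied calls included, so undeclared tool use stays visible.
type Guard struct{ Log []AuditEntry }

func (g *Guard) CheckToolCall(skill string, m Manifest, tool string) bool {
	allowed := m.Tools[tool]
	g.Log = append(g.Log, AuditEntry{Skill: skill, Tool: tool, Allowed: allowed})
	return allowed
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed author key
	files := SkillFiles{"SKILL.md": "# demo\n", "aip-manifest.toml": "[tools]\nallow = [\"read_file\"]\n"}
	sig, trust := SignSkill(priv, files), []ed25519.PublicKey{pub}
	fmt.Println("signature valid:", VerifySkill(trust, pub, files, sig))
	files["SKILL.md"] += "# edited after signing\n"
	fmt.Println("after tamper:", VerifySkill(trust, pub, files, sig))
	g, m := &Guard{}, ParseManifest(files["aip-manifest.toml"])
	g.CheckToolCall("demo", m, "read_file")
	g.CheckToolCall("demo", m, "shell") // not declared: denied and logged
	fmt.Printf("audit: %+v\n", g.Log)
}
```

The trust-list check is deliberately separate from the signature check: a valid signature from a key you have never trusted proves only that the files are unchanged since someone signed them, not who that someone is. Likewise, the guard logs denials as well as grants, since a skill repeatedly requesting a tool it never declared is exactly the event an operator wants in the audit trail.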

Usage Guidance
Before installing or using this skill:
  1. Treat the `npm install -g aip-openclaw` step as installing arbitrary code — review the npm package and its source repo (the GitHub link) and prefer pinned releases or integrity hashes.
  2. Confirm what filesystem paths the tool will read/write (skill directories, trust lists, audit logs) and whether that level of access is acceptable.
  3. Prefer running the tool in a sandbox or container rather than as a global install.
  4. Ask the author/registry maintainer to add an explicit install spec, required binaries (npm/node), and declared permissions in the metadata so you can evaluate least-privilege requirements.
  5. If you cannot validate the package provenance and contents, decline installation or test it in an isolated environment.
Capability Analysis
Type: OpenClaw Skill
Name: aip-security-guard
Version: 0.1.0
The skill is classified as suspicious due to deceptive documentation and high-risk installation instructions in SKILL.md. It references a fake Arxiv paper (ID 2603.24775, implying a 2026 publication date) and directs the agent to install a global NPM package (aip-openclaw) from an unverified source. The use of a future-dated academic reference and the promotion of unverified external software to 'secure' the system are classic indicators of social engineering or a potential supply chain attack, although no explicitly malicious code is present in the provided files.
Capability Assessment
Purpose & Capability
The declared purpose — verifying skill signatures and enforcing manifests — matches the SKILL.md description. However, the skill's metadata lists no install, binaries, or required env vars, while the runtime instructions explicitly require installing an external tool (npm package) to perform that work. The install instruction logically belongs to the purpose but is not reflected in the registry metadata.
Instruction Scope
SKILL.md instructs the user/agent to run `npm install -g aip-openclaw` and to manage a local trust list and audit logs. This implies filesystem write/read access, ability to run shell commands, and network access to npm/GitHub — none of which are declared. The instructions do not limit or specify exact files/paths to be read/written, nor do they provide safety checks for the external package.
Install Mechanism
There is no install spec in the registry entry but SKILL.md tells users to install a global npm package. Installing a global npm package downloads and executes third-party code (moderate-to-high risk) and the SKILL.md does not pin versions, provide integrity hashes, or justify why a privileged/global install is necessary.
Credentials
The skill declares no required env vars or config paths, yet its functionality (verifying installed skills, maintaining a trust list, logging audits) necessarily requires filesystem access and likely network access for key lookups. The lack of declared privileges/requirements is disproportionate to the described runtime behavior.
Persistence & Privilege
The skill is not always-enabled and does not request persistent platform privileges in the registry metadata (good). It can be invoked autonomously (default), which increases blast radius if the installed npm package is malicious — but autonomous invocation alone is not unusual and is not enough to mark it malicious.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install aip-security-guard
  3. After installation, invoke the skill by name or use /aip-security-guard
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release: skill signing, capability manifests, runtime enforcement for OpenClaw
Metadata
Slug: aip-security-guard
Version: 0.1.0
License: MIT-0
All-time Installs: 0
Active Installs: 0
Total Versions: 1
Frequently Asked Questions

What is AIP Security Guard?

Verify skill authorship, enforce declared permissions, and audit tool usage to secure OpenClaw environments using Agent Identity Protocol. It is an AI Agent Skill for Claude Code / OpenClaw, with 62 downloads so far.

How do I install AIP Security Guard?

Run "/install aip-security-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is AIP Security Guard free?

Yes, AIP Security Guard is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does AIP Security Guard support?

AIP Security Guard is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created AIP Security Guard?

It is built and maintained by sunilp (@sunilp); the current version is v0.1.0.
