← Back to Skills Marketplace
Tetra Scar Safety
by
aibenyclaude-coder
· GitHub ↗
· v0.1.0
· MIT-0
108
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install tetra-scar-safety
Description
Agent safety that learns from incidents. Reflex arc blocks repeat threats without LLM calls.
Usage Guidance
This skill appears to be what it claims: a local safety checker with an append-only incident log. Before installing, consider: (1) audit runs will read files you point it at — do not run audits over root or system directories unless you intend that; (2) safety_scars.jsonl (default ./safety_scars.jsonl) is append-only and may contain incident text that includes secrets or sensitive details — store it with restrictive file permissions, move it to a secure location, or encrypt it if needed; (3) the skill has no network or credential requirements in the provided code, but you should still review the source included in the package before enabling autonomous invocation; (4) for CI/pre-commit use, configure scar file location and retention policy to avoid leaking historical incidents. If you want higher assurance, run the included tests locally and inspect audit/recorded entries to confirm no unexpected behavior.
Capability Analysis
Type: OpenClaw Skill
Name: tetra-scar-safety
Version: 0.1.0
The 'scar-safety' skill is a security utility designed to protect AI agents by detecting and blocking dangerous commands, secret exposures, and potential injection attacks. It implements a two-layer defense: a static regex-based scanner (targeting patterns like 'rm -rf', 'DROP TABLE', and leaked AWS/GitHub keys) and a 'scar' memory system that records past incidents to prevent recurrence via keyword matching. The code in 'scar_safety.py' is transparent, uses only Python standard library modules, and includes a comprehensive test suite ('test_scar_safety.py'). No evidence of data exfiltration, unauthorized remote execution, or malicious prompt injection was found; the tool's high-privilege actions (like directory auditing) are strictly aligned with its stated purpose as a safety framework.
Capability Assessment
Purpose & Capability
Name/description (learning safety, reflex arc, blocking repeat threats) match the code and SKILL.md. The code implements built-in regex rules, an append-only scar store (safety_scars.jsonl), reflex matching, and CLI/API entry points described in SKILL.md. No unrelated requirements (no cloud creds, no unrelated binaries) are requested.
Instruction Scope
SKILL.md and the code instruct the agent to check actions, record incidents, audit directories, and list scars. This requires reading project files and writing the scar JSONL file; that behavior is coherent with the stated purpose but means the skill will read arbitrary files passed to audit and may persist incident descriptions (which could include secrets) to disk.
Install Mechanism
There is no install spec; the skill is single-file Python and uses only the stdlib. No downloads, third-party packages, or external installers are requested. This minimizes install-time risk.
Credentials
The skill requests no environment variables or external credentials (primaryEnv none). However, it reads filesystem contents during audits and writes an append-only safety_scars.jsonl file in the working directory; those files may contain sensitive information. The requested access is proportional to its purpose but carries privacy risks that the user should consider.
Persistence & Privilege
always:false and normal autonomous invocation are set (no elevated platform privileges). The skill persists scars in an append-only JSONL file (default ./safety_scars.jsonl). That persistent storage is by design but cannot be deleted/modified by the tool and may accumulate sensitive data; the skill does not appear to modify other skills or global agent config.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install tetra-scar-safety - After installation, invoke the skill by name or use
/tetra-scar-safety - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release of scar-safety (version 0.1.0):
- Introduces a security system that adapts by recording and blocking repeated incidents ("scars").
- Combines static threat detection (regex/heuristic) with incident-based reflex arc for instant blocking.
- Implements severity levels: CRITICAL (auto-block), HIGH (warn+confirm), MEDIUM (warn), LOW (log).
- CLI and Python API for safety checks, incident recording, directory audits, and scar listing.
- Designed for pre-execution safety in AI agents, file writes, network requests, and pre-commit hooks.
Metadata
Frequently Asked Questions
What is Tetra Scar Safety?
Agent safety that learns from incidents. Reflex arc blocks repeat threats without LLM calls. It is an AI Agent Skill for Claude Code / OpenClaw, with 108 downloads so far.
How do I install Tetra Scar Safety?
Run "/install tetra-scar-safety" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Tetra Scar Safety free?
Yes, Tetra Scar Safety is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Tetra Scar Safety support?
Tetra Scar Safety is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Tetra Scar Safety?
It is built and maintained by aibenyclaude-coder (@aibenyclaude-coder); the current version is v0.1.0.
More Skills