- Downloads: 2101
- Stars: 4
- Active Installs: 20
- Versions: 6
Install in OpenClaw
/install security
Description
GoPlus AgentGuard — AI agent security guard. Run /agentguard checkup for a full security health check, scans all installed skills, checks credentials, permis...
Usage Guidance
This skill is an on-agent security auditor and appears coherent with that purpose, but it will run Node scripts and system inspection commands that touch sensitive locations (e.g., ~/.openclaw, ~/.claude, ~/.ssh, ~/.gnupg) and will write audit logs to ~/.agentguard. Before installing or running: (1) review the bundled scripts (you have them) and ensure you trust the source code (the package tries to import a local 'dist' or '@goplus/agentguard'); (2) do not set GOPLUS_API_KEY/GOPLUS_API_SECRET unless you want Web3 simulation and trust the remote API; (3) keep AGENTGUARD_AUTO_SCAN unset unless you want opt-in session auto-scans (it is off by default); (4) be aware the scanner will enumerate files and environment variables for secret scanning — if you need stricter limits, audit/modify the SKILL.md/script behaviors before use. Overall the tool's requested accesses and behavior match a legitimate security scanner, but you should verify the code and run in a controlled environment first.
Capability Analysis
Type: OpenClaw Skill
Name: security
Version: 1.0.12
The bundle is a comprehensive security framework (GoPlus AgentGuard) designed to audit AI agents, but it is classified as suspicious due to its high-privilege requirements and broad system access. It requests read access to sensitive directories including ~/.ssh/ and ~/.gnupg/ (SKILL.md), and it has the capability to modify system persistence via cron jobs (patrol-checks.md). While these actions are aligned with its stated purpose of security auditing and credential safety checks, the bundle possesses the inherent capability to access private keys and execute arbitrary shell commands via its bundled scripts (scripts/action-cli.ts, scripts/trust-cli.ts). The inclusion of a complex HTML report generator that automatically opens a browser (scripts/checkup-report.js) further increases the functional risk profile of the skill.
Capability Assessment
Purpose & Capability
Name/description (agent security guard / health check / scanning installed skills) align with the files, docs, and allowed commands. The skill legitimately needs to discover installed skills, inspect config files and system state, and run node scripts to produce reports. Optional GOPLUS_API_KEY / GOPLUS_API_SECRET are declared for Web3 simulation only.
Instruction Scope
SKILL.md and patrol-checks.md explicitly target agent-related paths (~/.claude, ~/.openclaw, ~/.qclaw, $OC) and list stat/permission checks for ~/.ssh and ~/.gnupg. The allowed tools list permits system inspection commands (ss/lsof/ufw/iptables/find/stat/env). There is a small mismatch to note: SKILL.md claims '~/.ssh/' and '~/.gnupg/' are checked with stat-only (no key content read), while some patrol-check steps (find, file modification checks) will enumerate files in those directories and other docs reference scanning workspace files for secret patterns — this is consistent with an audit tool but does broaden scope beyond pure stat-only checks.
Install Mechanism
No external download/install spec is provided (instruction-only), reducing install-time risk. The bundle contains Node scripts that import a local dist path or the '@goplus/agentguard' package; this is a normal design (fallback to local engine or packaged dependency). Consumers should ensure Node 18+ and dependencies are from a trusted environment before executing.
Credentials
The skill requests no required secrets and declares GOPLUS_API_KEY / GOPLUS_API_SECRET as optional for enhanced Web3 simulation, which is proportionate to the described Web3 features. Runtime scripts do read process.env for opt-in gating (e.g., AGENTGUARD_AUTO_SCAN) — expected for an opt-in auto-scan hook.
Persistence & Privilege
`always` is false and there is no automatic always-on installation. The bundle writes to ~/.agentguard for audit logs and config (explicitly declared), which is appropriate for an auditing tool. The auto-scan hook is gated by AGENTGUARD_AUTO_SCAN and does not run by default.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: `/install security`
- After installation, invoke the skill by name or use `/security`
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.12
- Added scripts directory with required files for registry and trust management.
- Improved documentation for safer script execution: always resolve the absolute path for scripts/ and cd into the skill directory before running commands.
- Updated allowed-tools to include Write and Bash(node *) for improved compatibility.
- Enhanced filesystem-access section to document required read/write permissions for audit and configuration.
- Removed scripts/package.json; split lockfiles for better node_modules management.
v1.0.11
- The description now highlights the new /agentguard checkup feature: a full agent security health check that scans all installed skills, checks credentials, permissions, and network exposure, then delivers an HTML report.
- Emphasized checkup as a primary use case alongside scanning code, blocking risky commands, and evaluating runtime actions.
- No changes were made to functionality, command structure, or detection rules.
- Documentation is now clearer for users about running agent security checkups and receiving actionable reports.
v1.0.10
**AgentGuard v1.0.10 adds security patrol and checkup features, expands tooling, and reorganizes scripts.**
- Added daily security patrol subcommand for OpenClaw environments and included `patrol-checks.md`.
- Introduced `checkup` command for comprehensive agent health checks and HTML reporting (new script: `scripts/checkup-report.js`).
- Updated allowed tools: Bash access to security/system/checkup tools (e.g., `openclaw`, `ss`, `lsof`, `ufw`, `iptables`, etc.) for patrol and checkup support.
- Expanded SKILL.md routing for new subcommands; updated description and metadata version to 1.1.
- Removed old scripts and lockfiles; added `.clawignore` and updated documentation.
- README.md and patrol documentation added for better usability and user guidance.
v1.0.4
### Security
- Auto-scan is now **opt-in** (disabled by default) to address ClawHub security review
  - Claude Code: requires `AGENTGUARD_AUTO_SCAN=1` environment variable
  - OpenClaw: requires `{ skipAutoScan: false }` when registering the plugin
- Auto-scan now operates in **report-only mode** — scans skills and reports results to stderr, but no longer calls `forceAttest` or modifies the trust registry
- Audit log (`~/.agentguard/audit.jsonl`) no longer records code snippets, evidence details, or scan summaries — only skill name, risk level, and risk tag names
### Removed
- `forceAttest` calls from `auto-scan.js` and `openclaw-plugin.ts`
- `inferCapabilities`, `determineTrustLevel`, `riskToTrustLevel` helpers from OpenClaw plugin (no longer needed)
v1.0.3
- Initial release of in-skill agent security scripts and utilities.
- Added dedicated scripts for action evaluation (`action-cli.ts`), auto-scan, trust management (`trust-cli.ts`), and registry data storage.
- Introduced explicit trust workflow: registration now always uses AgentGuard’s own scripts, never untrusted code from scanned targets.
- Updated documentation and skill metadata for Node.js 18+ compatibility and optional GoPlus Web3 API usage.
- Enhanced post-scan trust registration: requires explicit user confirmation and displays exact command before execution.
- Included web3-patterns and evaluation documentation for improved transparency and traceability.
v0.1.0
agentguard v0.1.0 changelog:
- Initial release of GoPlus AgentGuard skill for AI agent security.
- Supports scanning codebases for 24 types of security risks with detailed detection and output.
- Enables security report generation with actionable summaries and trust registration flow for skills.
- Includes runtime action safety evaluation for commands, file/network/web3 requests, and secret access.
- Adds trust management and security event reporting capabilities.
Frequently Asked Questions
What is AgentGuard?
GoPlus AgentGuard — AI agent security guard. Run /agentguard checkup for a full security health check, scans all installed skills, checks credentials, permis... It is an AI Agent Skill for Claude Code / OpenClaw, with 2101 downloads so far.
How do I install AgentGuard?
Run "/install security" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is AgentGuard free?
Yes, AgentGuard is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does AgentGuard support?
AgentGuard is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created AgentGuard?
It is built and maintained by GoPlus (@0xbeekeeper); the current version is v1.0.12.