← Back to Skills Marketplace
beyound87

Security Hardening Safey

by beyound87 · GitHub ↗ · v1.4.0 · MIT-0
cross-platform ⚠ suspicious
154
Downloads
0
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install security-hardening-safey
Description
Agent 安全加固技能。用于:(1) 安装后经用户确认,将安全红线注入所有 Agent 的底层记忆(AGENTS.md),精简版注入~112行,不造成token膨胀;(2) 当用户问到安全规则、提示词注入防御、危险命令管控、外部代码审查、多模态注入等话题时加载此技能;(3) 进行安全审计或排查疑似注入事件时使用...
Usage Guidance
This skill appears to do what it claims (inject and manage security rules across OpenClaw agents) and contains the scripts and rule documents to do so. Before installing or running init.sh: 1) Inspect references/SECURITY-RULES-CORE.md to ensure you agree with the injected text and markers; 2) Backup your ~/.openclaw/agents/*/agent/AGENTS.md and SOUL.md so you can revert if needed; 3) Run init.sh interactively (do not use --yes) the first time to review the preview and confirmations; 4) Prefer testing on a non-production agent directory first to observe behavior; 5) Note the package has no homepage and an unknown source—if you require stronger provenance, request a published source or vendor contact or only install from a vetted registry. If you need automated deployment, plan how you will authorize it securely (audit logs, CI safeguards) because the script can operate unattended with --yes.
Capability Tags
requires-sensitive-credentials
Capability Assessment
Purpose & Capability
Name/description match the actual behavior: the skill contains rule files and scripts to scan, inject, update, and remove a SECURITY-RULES block in ~/.openclaw/agents/*/agent/AGENTS.md and to append a safety paragraph to SOUL.md. No unrelated credentials, binaries, or network endpoints are requested. The provided scripts and rule documents are proportional to the declared goal.
Instruction Scope
SKILL.md and scripts confine actions to the OpenClaw agent area (~/.openclaw/agents/*) and to the skill's own directory. The init script previews changes and requires interactive confirmation by default, but supports --yes to skip confirmation for automation; that allows unattended, wide-scoped modifications if used. Otherwise instructions do not ask the agent to read unrelated system files or secrets.
Install Mechanism
No install spec or external downloads; the skill is instruction-plus-local-scripts only. All code is included in the bundle and nothing is fetched from remote URLs or package registries. The scripts write to disk under the OpenClaw directory as expected for this utility.
Credentials
The skill requests no environment variables, credentials, or external config paths. Scripts operate relative to HOME/.openclaw and do not read or exfiltrate secrets. The rules explicitly forbid reading sensitive config (e.g., ~/.openclaw/openclaw.json), and that is consistent with the lack of credential requirements.
Persistence & Privilege
The skill intentionally creates persistent changes: it injects rule blocks into every AGENTS.md under ~/.openclaw/agents and appends to SOUL.md, and writes a .initialized flag in the skill directory. This persistent modification aligns with its purpose but has high blast radius (affects all agents). There is no always:true flag, but the --yes automation option and the ability to create AGENTS.md where missing mean user confirmation matters.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install security-hardening-safey
  3. After installation, invoke the skill by name or use /security-hardening-safey
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.4.0
安装时自动运行初始化脚本和一键式卸载支持
v1.3.0
安装时自动运行初始化脚本和一键式卸载支持
v1.2.0
安装时自动运行初始化脚本和一键式卸载支持
v1.1.0
精简注入体积78%(524行→112行),新增多模态注入/路径穿越/外部代码审查等17大安全维度,整合skill-vetter红旗检测与风险四级分类
Metadata
Slug security-hardening-safey
Version 1.4.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 4
Frequently Asked Questions

What is Security Hardening Safey?

Agent 安全加固技能。用于:(1) 安装后经用户确认,将安全红线注入所有 Agent 的底层记忆(AGENTS.md),精简版注入~112行,不造成token膨胀;(2) 当用户问到安全规则、提示词注入防御、危险命令管控、外部代码审查、多模态注入等话题时加载此技能;(3) 进行安全审计或排查疑似注入事件时使用... It is an AI Agent Skill for Claude Code / OpenClaw, with 154 downloads so far.

How do I install Security Hardening Safey?

Run "/install security-hardening-safey" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Security Hardening Safey free?

Yes, Security Hardening Safey is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Security Hardening Safey support?

Security Hardening Safey is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Security Hardening Safey?

It is built and maintained by beyound87 (@beyound87); the current version is v1.4.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463942 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259883 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200739 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191401 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190375 · by oswalpalash

💬 Comments