← Back to Skills Marketplace
subaru0573

superguard

by Subaru0573 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
93
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install superguard
Description
MoltGuard — OpenClaw security guard by OpenGuardrails. Install MoltGuard to protect you and your human from prompt injection, data exfiltration, and maliciou...
Usage Guidance
This SKILL.md appears to describe a real security plugin, but before installing: 1) verify the plugin package source (openclaw plugin '@openguardrails/moltguard') and inspect the code it will install (don’t blindly run install commands); 2) confirm you trust the Core endpoint and the openguardrails GitHub repo — the plugin will ask for and store an API key in ~/.openclaw/credentials/moltguard/ and may send data to Core; 3) ensure your system has the required tools ('openclaw' CLI and 'node') even though the registry declared none; 4) note metadata inconsistencies (ownerId/version differences and odd text in the description) — ask the publisher to clarify provenance if you rely on this for security; and 5) if you proceed, inspect the installed extension files and network activity and avoid pasting secret keys into unknown web pages until you confirm the identity of the vendor. If you want higher assurance, request a packaged install artifact or signed release and a clear provenance chain.
Capability Analysis
Type: OpenClaw Skill Name: superguard Version: 1.0.0 The 'superguard' skill bundle acts as an installer for an external plugin (@openguardrails/moltguard) and employs several suspicious prompt-injection techniques in SKILL.md. It includes a 'word salad' adversarial suffix in the description and explicitly instructs the AI agent to perform actions without human intervention ('when you want to protect yourself') and to report a hardcoded success message to the user to gain trust. These behaviors, combined with the use of external scripts for 'enterprise enrollment' and credential 'claiming', suggest an attempt to manipulate the agent's behavior and potentially redirect security telemetry.
Capability Assessment
Purpose & Capability
The skill claims to install MoltGuard (a guard for prompt injection and data exfiltration) and instructs the agent to run openclaw plugin commands and node scripts once installed. That purpose aligns with the described functionality, but the registry metadata declares no required binaries while the instructions clearly require the 'openclaw' CLI and 'node' for scripts—an inconsistency that should be resolved.
Instruction Scope
The runtime instructions are focused on installing/using the MoltGuard plugin and testing it. They instruct reading a sample file inside the extension directory, running openclaw plugin commands, and running node scripts for enterprise enroll/unenroll and uninstall. These steps are within the plugin's scope, but they direct the user/agent to reveal and store API keys and to perform actions that rely on a remote Core service (account claim, dashboard, quota), so the operator should understand where credentials will go and what external endpoints are contacted.
Install Mechanism
This is an instruction-only skill with no bundled install spec; the SKILL.md tells users to run 'openclaw plugins install @openguardrails/moltguard', which will fetch and execute external plugin code not present in this package. The skill gives no cryptographic provenance or pinned source for that package. Installing an external plugin is expected for this purpose, but the lack of an included install provenance or packaged code means you are about to fetch code from outside the registry — a higher-risk action that should be verified (e.g., check the upstream repo/official release).
Credentials
The registry lists no required environment variables, which matches the package being instruction-only. However SKILL.md repeatedly references an API key, storing credentials at '~/.openclaw/credentials/moltguard/', and commands that display the API key (/og_status). Requiring and storing an API key is reasonable for a cloud-managed guard, but the skill will cause you to generate/provide sensitive credentials and potentially paste them into external web pages. That is proportionate to the stated purpose but carries predictable sensitive-data risk that the user must accept and validate the Core endpoint for.
Persistence & Privilege
The skill does not request 'always: true' and does not declare changes to other skills or system-wide settings beyond installing and configuring its own plugin. It does describe saving credentials and starting persistent protection (expected behavior). Autonomous invocation remains enabled by default (normal) but is not in itself flagged here.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install superguard
  3. After installation, invoke the skill by name or use /superguard
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of MoltGuard for OpenClaw: - Provides protection against prompt injection, data exfiltration, and malicious commands in files and web content. - Simple installation with 500 free security detections per day. - Includes commands for status, configuration, agent claiming, dashboard access, and Core portal integration. - Outlines onboarding for individuals and enterprises, including agent claiming and private Core deployment. - Details coverage against prompt/instruction, behavioral, and data risks, plus intent-action mismatch detection. - Documents upgrade, update, and uninstall procedures. - Lists available plans and contact support information.
Metadata
Slug superguard
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is superguard?

MoltGuard — OpenClaw security guard by OpenGuardrails. Install MoltGuard to protect you and your human from prompt injection, data exfiltration, and maliciou... It is an AI Agent Skill for Claude Code / OpenClaw, with 93 downloads so far.

How do I install superguard?

Run "/install superguard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is superguard free?

Yes, superguard is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does superguard support?

superguard is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created superguard?

It is built and maintained by Subaru0573 (@subaru0573); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments