← Back to Skills Marketplace
koatora20

Guard Scanner

by dee-guava · GitHub ↗ · v16.0.2 · MIT-0
cross-platform ⚠ suspicious
5701
Downloads
2
Stars
10
Active Installs
17
Versions
Install in OpenClaw
/install guard-scanner
Description
Security scanner and runtime guard for OpenClaw skills, MCP servers, and AI agent workflows. Detects prompt injection, identity hijacking, memory poisoning,...
Usage Guidance
Install only if you are comfortable giving this skill broad local scanning authority and optional networked audit capabilities. Avoid running untrusted --plugin files, use audit/crawl/patrol/serve only in controlled environments, and review where it writes ~/.openclaw/guard-scanner audit and task state before enabling it as a runtime guard.
Capability Assessment
Purpose & Capability
The scanner, runtime guard, MCP server, audit, crawl, watch, and VirusTotal features broadly fit the stated security purpose, but the security policy and per-file manifests repeatedly describe narrower static/offline behavior than the code and SKILL.md actually expose.
Instruction Scope
User-facing commands can scan arbitrary directories, run an MCP server, patrol/crawl remote registries, load user-supplied plugin modules, and invoke a ClawHub CLI search through a shell path; most are user-directed, but the scope is broad and not consistently bounded.
Install Mechanism
No postinstall script or automatic cryptomining/credential-stealing install behavior was found. The package declares an OpenClaw extension and CLI, but the top-level skill metadata only declares a Node binary requirement and does not fully communicate runtime/network/env capabilities.
Credentials
Reads of VT_API_KEY, GITHUB_TOKEN, HOME, and GUARD_SCANNER_MODE, plus outbound access to GitHub/npm/VirusTotal/ClawHub, are coherent for optional auditing but are under-declared in some manifests and contradict the SECURITY.md claim that the tool makes no network requests except optional VirusTotal.
Persistence & Privilege
The runtime guard writes audit logs under ~/.openclaw/guard-scanner, the MCP async task system persists tasks.json, and patrol/serve modes can be long-running. These are purpose-aligned but need clearer retention, cleanup, and permission disclosure.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install guard-scanner
  3. After installation, invoke the skill by name or use /guard-scanner
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v16.0.2
Improve ClawHub listing copy for search/discovery, align metadata with v16.0.2 metrics, and keep SKILL/package/plugin versions in sync.
v16.0.1
v16.0.1: 5-layer analysis pipeline, OWASP ASI compliance, 358 patterns, 35 categories, 27 runtime checks
v15.0.0
v15.0.0: 358 patterns, 35 categories, 27 runtime checks, 332 E2E tests. Unicode confusable, Base64 scan, ContextCrush gate.
v13.0.1
Fix SKILL.md frontmatter for OpenClaw compatibility. Add Finding Schema. 306 tests passing. SSOT aligned.
v5.0.8
v5.0.8
v5.0.7
v5.0.7: Improved ClawHub search visibility. Keyword-enriched description for scanner/security/skill queries. Updated stats: 150 patterns, 139 tests, 5 CVEs covered.
v5.0.6
v5.0.6: CVE-2026-2256 (MS-Agent check_safe bypass, CERT VU#431821) + CVE-2026-25046 (Kimi execSync injection). 150 patterns, 139 tests.
v5.0.5
v5.0.5: 147 patterns (23 categories), 136 tests, CVE-2026-25905/27825, VDB Injection, QuarantineNode, OSS cleanup
v5.0.4
v5.0.4: Stealth-encoded signatures to avoid static scanner false positives. 134/134 tests. Logarithmic decay for duplicate findings.
v5.0.3
v5.0.3: Added openclaw.hooks field for npm hook pack distribution — users can now run 'openclaw hooks install guard-scanner' directly
v5.0.2
v5.0.2: Added handler.ts for OpenClaw hooks compatibility — fixes openclaw hooks install
v5.0.1
v5.0.1: Pure OSS release — removed all proprietary references, 135 static + 26 runtime patterns, 22 categories, zero dependencies
v4.0.2
guard-scanner 4.0.2 introduces major upgrades with expanded runtime protection and improved performance. - Added full runtime blocking of dangerous tool calls via OpenClaw plugin hook (26 patterns, 5 layers, 0.016ms/scan) - Runtime Guard enforcement modes (`monitor`, `enforce`, `strict`) are now fully functional (blocking supported) - Increased pattern library: 135 static + 26 runtime patterns, covering 22 threat categories - Expanded and clarified documentation; now includes clear requirements for `--soul-lock` identity protection - Test suite greatly extended to 134 tests across 24 suites - No network access or dependencies; scanning remains fully local and deterministic
v2.1.0
guard-scanner 2.1.0 - Enhanced documentation and onboarding: added detailed OpenClaw integration/limitations, step-by-step start, and clarified runtime mode status. - New task lists, docs, and sample fixture skills added for maintainers. - Updated test coverage to include new fixture examples of leaky/PII risks. - Improved terminology: now explicitly identifies current runtime guard as "warn-only" until OpenClaw `cancel` API lands. - Documentation now clearly reflects that no network or model calls occur, and local-only audit logging remains unchanged.
v2.0.1
docs: README updated for v2.0.0 — Security Gaps section, test counts, roadmap
v2.0.0
feat: Plugin Hook runtime guard with actual blocking. 3 modes: monitor/enforce/strict. 35 new tests.
v1.0.0
🛡️ Initial release: 170+ threat patterns, 17 categories, Runtime Guard hook, SARIF/HTML/JSON output, Plugin API. Zero dependencies.
Metadata
Slug guard-scanner
Version 16.0.2
License MIT-0
All-time Installs 215
Active Installs 10
Total Versions 17
Frequently Asked Questions

What is Guard Scanner?

Security scanner and runtime guard for OpenClaw skills, MCP servers, and AI agent workflows. Detects prompt injection, identity hijacking, memory poisoning,... It is an AI Agent Skill for Claude Code / OpenClaw, with 5701 downloads so far.

How do I install Guard Scanner?

Run "/install guard-scanner" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Guard Scanner free?

Yes, Guard Scanner is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Guard Scanner support?

Guard Scanner is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Guard Scanner?

It is built and maintained by dee-guava (@koatora20); the current version is v16.0.2.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments