← Back to Skills Marketplace
oleglegegg

Sentinel — Agent Security Layer

by Oleg · GitHub ↗ · v1.0.5 · MIT-0
cross-platform ✓ Security Clean
294
Downloads
0
Stars
1
Active Installs
5
Versions
Install in OpenClaw
/install sentinel-oleg
Description
Runtime security layer for OpenClaw agents. Intercepts and scans all external input (emails, API responses, web content, chat messages, calendar events) for...
Usage Guidance
This skill is a set of local bash filters that scan stdin and stdout for injections and secrets and stores logs under ~/.sentinel. Before installing/using: (1) review and test the scripts on non-sensitive sample data; (2) be aware the canary tool can modify files you point it at (e.g., SOUL.md or other prompts) — back up those files first; (3) the premium rules require jq and an optional premium_patterns.json file (if absent the premium check is a no-op); (4) expect false positives (hex strings or common words may trigger crypto/secret heuristics) — tune thresholds/patterns in ~/.sentinel/config.sh or by editing the patterns; (5) there are no hidden network calls in the provided scripts, but always inspect any third-party premium patterns before placing them in ~/.sentinel. If you need the sentinel to be enforced platform-wide, note that this package does not automatically force inclusion — you must integrate the scripts into your agent pipeline yourself.
Capability Analysis
Type: OpenClaw Skill Name: sentinel-oleg Version: 1.0.5 Claw Sentinel is a comprehensive runtime security suite designed to protect OpenClaw agents from prompt injection, data exfiltration, and secret leakage. The bundle consists of Bash scripts (sentinel-input.sh, sentinel-output.sh) and a large library of regex patterns (patterns.json) that scan data in real-time across multiple languages (EN, RU, ZH, etc.). It includes sophisticated normalization techniques to counter obfuscation (e.g., stripping zero-width characters, de-leeting, and base64 decoding) and implements a canary token system (sentinel-canary.sh) to detect system prompt extraction. All logic is transparent, operates locally, and aligns strictly with its stated defensive purpose.
Capability Assessment
Purpose & Capability
The name/description (runtime input/output sentinel) matches the provided artifacts: multiple bash scripts that scan stdin, log threats to ~/.sentinel/threats.jsonl, generate/check canaries, and optionally use a premium patterns file. No unexplained environment variables, binaries, or cloud credentials are required.
Instruction Scope
SKILL.md and scripts stay within the stated purpose (intercept/scan inputs and monitor outputs). Noteworthy: the guide explicitly instructs adding invisible canary markers into SOUL.md or system prompts and recommends piping all external content through the filters — these are expected for a runtime sentinel but do instruct modifying local agent files (SOUL.md/system prompt), so users should review and back up any files before injecting markers.
Install Mechanism
No install spec; this is instruction-plus-scripts (pure bash). No downloads or remote installers are invoked by the package. The scripts rely on common utilities (grep, sed, base64, optionally jq).
Credentials
The skill asks for no credentials or env vars. The scripts scan for many secret/token formats (OpenAI, AWS, GitHub, crypto keys, etc.), which is coherent with its stated goal. The premium pack path (~/.sentinel/premium_patterns.json) and optional use of jq are documented and proportional.
Persistence & Privilege
The scripts create and write logs under ~/.sentinel and can inject canary markers into user-specified files. always:false and autonomous invocation defaults are unchanged. Writing to user files and creating ~/.sentinel is expected for the tool's purpose but is a permanent local change the user should consent to.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install sentinel-oleg
  3. After installation, invoke the skill by name or use /sentinel-oleg
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.5
No changes detected in this version. - No file or documentation changes were introduced in version 1.0.5.
v1.0.4
changed the skill's name
v1.0.2
- Skill name updated from "claw-sentinel" to "claw-sentinel" (no effective change). - No code or documentation changes detected in this version. - Version number updated to 1.0.2 for tracking, but content remains the same as 1.0.0.
v1.0.1
- Removed test scripts: tests/red-team-tests.sh and tests/test-sentinel.sh. - Updated all documentation and usage examples to reflect the package name as "claw-sentinel" instead of "sentinel-oleg". - Minor adjustments to Quick Start instructions for clarity; no functional or runtime changes.
v1.0.0
Major update: Sentinel is now Claw Sentinel, focusing on real-time runtime security for OpenClaw agents. - Replaces AI state monitoring/backup with runtime scanning of all input/output for prompt injection, data exfiltration, credential leaks, and social engineering attacks. - Added Bash scripts for seamless interception and scanning of agent inputs and outputs. - Supports multi-language injection detection (EN/RU/ZH/ES/AR/KO/JA) and encoding normalization. - Implements canary token system to detect prompt extraction. - New audit logging and configuration via shell scripts. - Previous Python codebase and documentation replaced by lightweight Bash-based pipeline and updated docs.
Metadata
Slug sentinel-oleg
Version 1.0.5
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 5
Frequently Asked Questions

What is Sentinel — Agent Security Layer?

Runtime security layer for OpenClaw agents. Intercepts and scans all external input (emails, API responses, web content, chat messages, calendar events) for... It is an AI Agent Skill for Claude Code / OpenClaw, with 294 downloads so far.

How do I install Sentinel — Agent Security Layer?

Run "/install sentinel-oleg" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Sentinel — Agent Security Layer free?

Yes, Sentinel — Agent Security Layer is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Sentinel — Agent Security Layer support?

Sentinel — Agent Security Layer is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Sentinel — Agent Security Layer?

It is built and maintained by Oleg (@oleglegegg); the current version is v1.0.5.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments