← Back to Skills Marketplace
halfmoon82

Subagent Isolation Guard

by halfmoon82 · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
340
Downloads
0
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install subagent-isolation-guard
Description
固化子代理物理隔离与语义路由旁路。防止跨代理上下文污染及由于语义路由导致的子代理切模/重置问题。
Usage Guidance
This instruction-only skill is coherent for hardening subagent isolation, but it asks you to add a routing bypass and require session IDs to contain ':subagent:'. Before implementing: (1) perform a code review of semantic-webhook-server.py changes and restrict who can edit it and AGENTS.md; (2) avoid relying on a plain string marker — require authenticated, signed, or unforgeable session tokens (not just a prefix) so attackers cannot spoof ':subagent:'; (3) add logging, monitoring, and audits for all bypassed requests; (4) test thoroughly in a staging environment to ensure the bypass doesn't let untrusted inputs evade policy or model-safety checks; (5) consider safer alternatives (e.g., mutual TLS, signed JWT session claims, or an allowlist tied to agent identities) if you need robust isolation. If you cannot enforce these controls, treat deploying this bypass as high risk.
Capability Analysis
Type: OpenClaw Skill Name: subagent-isolation-guard Version: 1.0.0 The skill bundle contains architectural guidelines and documentation for implementing subagent isolation and routing bypass within the OpenClaw framework. It focuses on preventing context pollution and session resets by recommending separate workspaces and specific session tagging, with no executable code, malicious instructions, or data exfiltration risks identified in SKILL.md or _meta.json.
Capability Assessment
Purpose & Capability
The skill's name and description match the content of SKILL.md: it proposes workspace isolation and a routing-bypass for subagents. It does not request unrelated credentials, binaries, or installs, so required capabilities align with the stated purpose.
Instruction Scope
SKILL.md instructs modifying runtime logic (semantic-webhook-server.py) to detect a session_key marker ':subagent:' and 'bypass' semantic routing by returning 'continue' and not injecting declarations or model suggestions. This is within the stated goal but is operationally dangerous: it creates an explicit bypass in routing logic and relies on a simple string marker that can be spoofed unless additional safeguards (authentication, signature, or unforgeable session tokens) are enforced. The instructions are also vague about implementation details and access controls.
Install Mechanism
Instruction-only skill with no install spec or code to download. No files are written by the skill itself, minimizing installer-related risk.
Credentials
No environment variables, credentials, or config paths are requested. The absence of extra secrets is proportionate to the stated purpose.
Persistence & Privilege
The skill is not always-enabled and is user-invocable; however, its runtime guidance expects operators to modify server code and configuration (AGENTS.md and semantic-webhook-server.py). Those actions require write privileges and careful change control — the skill implicitly assumes the ability to edit server-side routing code and agent configuration, which elevates operational privilege requirements.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install subagent-isolation-guard
  3. After installation, invoke the skill by name or use /subagent-isolation-guard
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: solidifies subagent workspace isolation and semantic routing bypass for subagent sessions.
Metadata
Slug subagent-isolation-guard
Version 1.0.0
License
All-time Installs 2
Active Installs 2
Total Versions 1
Frequently Asked Questions

What is Subagent Isolation Guard?

固化子代理物理隔离与语义路由旁路。防止跨代理上下文污染及由于语义路由导致的子代理切模/重置问题。 It is an AI Agent Skill for Claude Code / OpenClaw, with 340 downloads so far.

How do I install Subagent Isolation Guard?

Run "/install subagent-isolation-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Subagent Isolation Guard free?

Yes, Subagent Isolation Guard is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Subagent Isolation Guard support?

Subagent Isolation Guard is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Subagent Isolation Guard?

It is built and maintained by halfmoon82 (@halfmoon82); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments