← Back to Skills Marketplace
atlaspa

Openclaw Marshal

by AtlasPA · GitHub ↗ · v1.0.2
darwinlinuxwin32 ⚠ suspicious
1535
Downloads
1
Stars
3
Active Installs
3
Versions
Install in OpenClaw
/install openclaw-marshal
Description
Compliance and policy enforcement for agent workspaces. Define security policies, audit compliance, check command restrictions, and generate audit-ready reports. Free alert layer — upgrade to openclaw-marshal-pro for active enforcement, blocking, and automated remediation.
Usage Guidance
This tool appears to be a local compliance/audit script and is mostly coherent with its description, but it can modify your workspace (quarantine/enforce/hooks). Before installing or running it: 1) Treat the package as untrusted until you verify its source—there is no homepage or known repo in the metadata. 2) Inspect the bundled scripts yourself (search for functions named enforce, quarantine, protect, os.remove, shutil.rmtree, os.rename, subprocess/os.system) to confirm what modifications will occur and when. 3) Run on a copy or non-production workspace first and back up your workspace. 4) If you intend to let agents call this skill autonomously, restrict or review agent permissions (or set disable-model-invocation) so it cannot run destructive commands without human approval. 5) Ask the publisher for a canonical source/repo and change logs; prefer installing from a verified repository. If you want help locating and reviewing the parts of scripts/marshal.py that implement quarantine/enforce, I can inspect those functions in more detail.
Capability Analysis
Type: OpenClaw Skill Name: openclaw-marshal Version: 1.0.2 The OpenClaw Marshal skill is a security and compliance tool designed to audit other skills and the workspace against defined policies. It scans for dangerous command patterns (e.g., RCE risks like `curl|bash`, `eval()`, `os.system`), network policy violations, and configuration issues. Its 'Pro' features include active enforcement by quarantining non-compliant skills (renaming their directories) and generating defensive runtime hooks for agent environments to block dangerous commands or PII leaks. All operations are aligned with its stated security purpose, and there is no evidence of intentional malicious behavior such as data exfiltration, backdoor installation, or unauthorized remote control. The code adheres to its claim of 'No External Dependencies' and 'No network calls'.
Capability Assessment
Purpose & Capability
Name/description claim a compliance/audit tool and the bundle contains a Python script that scans a workspace for commands, domains, and configuration—this is consistent. However marketing text says the free tier is 'alert only' while the included script implements active enforcement/quarantine/enforce/protect commands. The repository/homepage is unknown which reduces trust in provenance.
Instruction Scope
SKILL.md instructs the agent (or user) to run the included marshal.py against a workspace; the script auto-detects a workspace and scans/assesses all skills. The script also exposes operations that can modify state (enforce, quarantine, unquarantine, hooks, protect). Those are within the stated purpose but are potentially destructive (rename/move/quarantine skills, create hooks) and the README/marketing is inconsistent about whether active enforcement is part of the free skill. The runtime instructions and code give the agent broad discretion over workspace files—review and backups are recommended.
Install Mechanism
No install spec; the skill is instruction-only plus a bundled Python script. Nothing is downloaded from external URLs or installed automatically by the skill. The risk of supply-chain code being pulled at install time is low because everything is included in the bundle.
Credentials
No required environment variables or credentials are declared; the script optionally respects OPENCLAW_WORKSPACE to locate the workspace. There are no requested secrets or unrelated credentials in metadata. This is proportionate for a local-audit tool.
Persistence & Privilege
always:false (good). Model invocation is allowed (disable-model-invocation:false), which is the platform default. Because the script exposes enforcement/quarantine operations that modify other skills and workspace state, an autonomously-invoked agent could perform those changes if given the ability — combine that with the previous concern and treat autonomous invocation as a real risk unless you intentionally restrict it.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-marshal
  3. After installation, invoke the skill by name or use /openclaw-marshal
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
- Removed references to "openclaw-marshal-pro" and the free/upgrade alert layer. - Generalized the description by omitting upsell language. - No changes to command structure, functionality, or usage examples. - Documentation now presents the open-source version on its own.
v1.0.1
- Updated README.md for improved clarity and consistency. - No functional or behavioral changes to the skill itself.
v1.0.0
Initial release of openclaw-marshal 1.0.0. - Enables defining security and compliance policies for agent workspaces. - Audits installed skills and workspace configurations against customizable rules for commands, network, data handling, and workspace hygiene. - Generates detailed audit-ready compliance reports and concise status summaries. - Requires no external Python dependencies and supports auto-detecting the workspace location. - Upgrade path to active enforcement features via openclaw-marshal-pro.
Metadata
Slug openclaw-marshal
Version 1.0.2
License
All-time Installs 3
Active Installs 3
Total Versions 3
Frequently Asked Questions

What is Openclaw Marshal?

Compliance and policy enforcement for agent workspaces. Define security policies, audit compliance, check command restrictions, and generate audit-ready reports. Free alert layer — upgrade to openclaw-marshal-pro for active enforcement, blocking, and automated remediation. It is an AI Agent Skill for Claude Code / OpenClaw, with 1535 downloads so far.

How do I install Openclaw Marshal?

Run "/install openclaw-marshal" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Openclaw Marshal free?

Yes, Openclaw Marshal is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Openclaw Marshal support?

Openclaw Marshal is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux, win32).

Who created Openclaw Marshal?

It is built and maintained by AtlasPA (@atlaspa); the current version is v1.0.2.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments