Runtime Security Guard

企业级 AI 运行时安全防护技能 v2.1。提供 406+ 条安全规则，支持跨平台检测（Windows/macOS/Linux），检测 9 大类安全威胁。完全本地运行，无云端 API，无配额限制。配备现代化 Web 监控界面和自动化测试系统。

Plain-language next steps and cautions: - Do not run the remote install scripts (curl | bash) or run the included install scripts on production systems before review. Treat the package like code that requires auditing. - The skill legitimately needs to intercept file reads and tool outputs to detect threats, but that means it will access anything your OpenClaw agent can access (including secrets, files, tool outputs). Only install in a limited/sandboxed environment (VM or disposable test instance) first. - Audit these things before trusting: - install-no-sudo.sh / install.sh and any scripts that create services or set env vars. Look for network calls, added cron jobs, or commands that change permissions. - code that writes logs or exposes web UI (web server on :3000). Verify default configs disable external webhooks and remote reporting. - any code that implements the honeypot or token-trapping features — confirm how captured tokens are stored, rotated, or transmitted. Ensure webhookUrl is unset by default. - the SKILL.md and other docs for the detected prompt-injection strings and Unicode control characters; remove or neutralize them before loading the skill into an LLM's environment. - Prefer to audit and run the skill locally with network egress blocked, or run it behind strict firewall rules and with a non-privileged OpenClaw test installation. Check openclaw.plugin.json and package.json for required permissions and startup behavior. - If you don't have the capacity to audit, consider using a well-known, widely-reviewed runtime-security alternative or ask the author to provide an attestable provenance (e.g., known org GitHub account, signed release artifacts, or a 3rd-party code audit). If you want, I can: (a) list the top files to inspect first (install scripts, alerter/alerter.sendWebhook, honeypot implementation, hooks/file-reader, and the SKILL.md lines with injection content), or (b) extract and show the exact SKILL.md lines that triggered the prompt-injection detector so you can review them.

Type: OpenClaw Skill Name: runtime-security-guard Version: 2.2.0 The runtime-security-guard skill is an extensive security framework for OpenClaw agents, providing regex-based threat detection, system monitoring (file integrity, network, and processes), and a web-based management dashboard. It is classified as suspicious primarily due to its high-risk installation and operational patterns: the 'install-no-sudo.sh' script employs a 'curl | bash' execution style and modifies user shell profiles (.bashrc/.zshrc) to add aliases. Additionally, multiple modules (e.g., 'process-monitor.ts', 'network-monitor.ts') execute system-level commands like 'ps', 'netstat', and 'tasklist' via 'child_process.exec'. While these functions are consistent with the stated purpose of a security guard, they grant the skill broad system access. The web administration server ('scripts/web-admin-modern.js') also exposes an API that allows configuration changes without authentication, which could be exploited if the service is exposed beyond localhost.