Runtime Security Guard (English)

by nanlinsec-sys · GitHub ↗ · v2.1.0 · MIT-0
cross-platform · ⚠ suspicious
129 Downloads · 0 Stars · 0 Active Installs · 1 Versions
Install in OpenClaw: /install runtime-security-guard-en
Description
Enterprise-grade AI runtime security protection v2.1. Provides 410+ security rules with cross-platform detection (Windows/macOS/Linux), detecting 10 categori...
Usage Guidance
What to check before installing:
- Verify the repository owner and source: confirm the GitHub repo (https://github.com/nanlin300624/runtime-security-guard) is trustworthy and review author identity and issues/commits. Do not trust the skill solely because it is on GitHub.
- Do NOT run curl | bash on a raw URL without auditing the script. Instead, clone the repo and inspect install-no-sudo.sh and other scripts locally before running. Prefer building locally (npm install; npm run build) in an isolated environment.
- Confirm runtime requirements: the code and docs require Node.js 18+. The registry metadata does not declare this; ensure your environment meets the declared prerequisites and that the manifest is corrected.
- Audit network behavior: search the code for webhook, HTTP client, remote endpoints, and any code paths that send detection logs or captured data off-host. Ensure the default config does not enable external webhooks or 'save configuration online'.
- Review honeypot functionality and default rule configs: honeypots that intentionally collect tokens (GitHub/OpenAI/AWS/etc.) are plausible for testing but can capture sensitive secrets and store them in logs. Verify what is captured, where logs are written, who can access them, and whether any aggregation/exfiltration is present.
- Inspect SKILL.md and other docs for embedded prompt-injection examples or obfuscated characters. Treat those sections as test data only and ensure they are not executed or injected into runtime agents.
- Run the skill first in an isolated sandbox or test account (not on production or with privileged secrets) and monitor outbound network connections during operation.
- If you plan to use it in production, require an internal security/code review: check install scripts, manage the web dashboard binding (ensure it does not expose to the network by default), review storage of logs, and disable any remote reporting until verified.

If you want, I can:
- list the files that call external network functions/webhooks and show those code snippets,
- extract and display the install-no-sudo.sh content for quick review,
- or search the repo for occurrences of 'webhook', 'http', 'curl', 'token', 'key', and 'ssh' to pinpoint high-risk code. (This would help raise confidence one way or the other.)
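The checks above (no pipe-to-shell, a declared Node.js requirement, no default webhook, a list of files that touch the network or secrets) can be scripted against a local clone. The following is an added example written for this page, not code from the skill, its author, or the marketplace. It assumes you have already cloned the repository linked above and would pass that directory to the functions; the sample tree it builds under mktemp is constructed for the demonstration (the example.invalid URLs are placeholders), so the script runs offline.

```sh
#!/bin/sh
# Pre-install audit of a locally cloned skill checkout.
# Added example; assumes a directory produced by
#   git clone https://github.com/nanlin300624/runtime-security-guard
# is passed as $1. Never pipe the remote install script into a shell.

# 1. Files that touch the network or handle secrets. The grep terms are the
#    ones listed in the guidance (webhook, http, curl, token, key, ssh) plus
#    the usual Node HTTP client names.
find_network_and_secret_refs() {
    find "$1" -type f \( -name '*.ts' -o -name '*.js' -o -name '*.json' \
        -o -name '*.sh' -o -name '*.md' \) \
        -exec grep -lE 'webhook|https?://|fetch\(|axios|http\.request|curl|token|key|ssh' {} + \
        2>/dev/null | sort
}

# 2. Install instructions that pipe a download straight into a shell.
#    /dev/null is passed so grep always prefixes the file name.
find_pipe_to_shell() {
    find "$1" -type f \( -name '*.md' -o -name '*.sh' \) \
        -exec grep -nE '(curl|wget)[^|]*[|][[:space:]]*(sudo[[:space:]]+)?(ba)?sh' /dev/null {} + \
        2>/dev/null
}

# 3. Node.js requirement the project declares in package.json "engines".
#    The registry metadata is silent; "none" means the manifest is silent too.
declared_node_engine() {
    pkg="$1/package.json"
    v=""
    [ -f "$pkg" ] && v=$(sed -n 's/.*"node"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$pkg" | head -n 1)
    if [ -n "$v" ]; then printf '%s\n' "$v"; else printf 'none\n'; fi
}

# 4. First webhookUrl default found in config or source. A non-empty value
#    means detection logs could leave the host unless it is cleared first.
default_webhook_url() {
    find "$1" -type f \( -name '*.json' -o -name '*.ts' -o -name '*.js' \) \
        -exec grep -E 'webhookUrl[[:space:]]*[:=]' /dev/null {} + 2>/dev/null \
        | sed -n 's/.*webhookUrl[[:space:]]*[:=][[:space:]]*"\([^"]*\)".*/\1/p' | head -n 1
}

# Constructed sample checkout (not the real repository) with one of each
# finding planted so the checks have something to report.
make_sample_checkout() {
    d=$(mktemp -d)
    mkdir -p "$d/src/monitor"
    printf '%s\n' '# Sample skill' 'Quick install:' \
        '    curl -fsSL https://example.invalid/install-no-sudo.sh | bash' > "$d/SKILL.md"
    printf '%s\n' '{ "name": "sample-skill", "engines": { "node": ">=18" } }' > "$d/package.json"
    printf '%s\n' 'export const config = { webhookUrl: "https://example.invalid/hook", level: "high" };' \
        > "$d/src/config.ts"
    printf '%s\n' 'export function watch() { /* inspects connections; no outbound calls */ }' \
        > "$d/src/monitor/network-monitor.ts"
    printf '%s\n' "$d"
}

SAMPLE=$(make_sample_checkout)
echo "== files referencing network or secret APIs =="
find_network_and_secret_refs "$SAMPLE"
echo "== pipe-to-shell install lines =="
find_pipe_to_shell "$SAMPLE"
echo "== declared node engine: $(declared_node_engine "$SAMPLE")"
echo "== default webhookUrl: $(default_webhook_url "$SAMPLE")"
rm -rf "$SAMPLE"
```

Against a real clone, replace the sample directory with the checkout path and read every file the first check lists before enabling the skill; an empty result from the pipe-to-shell check and "none" from the engine check are the two outcomes the guidance says should not be trusted without a manual look at SKILL.md and package.json.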
Capability Analysis
Type: OpenClaw Skill
Name: runtime-security-guard-en
Version: 2.1.0
The bundle is an extensive security monitoring suite (EDR-like) for AI agents that requires broad system permissions to function. It includes modules for monitoring network connections (src/monitor/network-monitor.ts), process behaviors (src/monitor/process-monitor.ts), and file integrity (src/monitor/file-integrity.ts), and even attempts to read the macOS TCC database (src/monitor/macos/permissions-monitor.ts). While its source code appears aligned with its stated defensive purpose, the recommended installation method via 'curl | bash' from an external GitHub repository (SKILL.md, install-no-sudo.sh) is a high-risk pattern. Additionally, it starts a local web server (scripts/web-admin-modern.js) to provide a dashboard, which exposes system logs and statistics via API endpoints, potentially increasing the local attack surface.
Capability Assessment
Purpose & Capability
The name/description align with the included code: hook layers, detectors, rule engine, web dashboard and honeypot features are appropriate for a runtime security guard. However, the package metadata declares no required runtime/binaries or env vars while the code/architecture docs explicitly require Node.js (v18+) and other runtime assumptions; this mismatch is incoherent and should be corrected. The presence of honeypot features (GitHub/OpenAI/AWS token traps) and OS-specific monitors (macOS keychain/launchagents) is consistent with the stated purpose but implies access to sensitive subsystems.
Instruction Scope
SKILL.md instructs users to run remote install scripts (curl|bash from raw.githubusercontent.com) and to copy files into the OpenClaw skills dir. The skill's hooks include events that intercept file reads, tool results, user input and agent responses — appropriate for a security guard but highly invasive. The SKILL.md mentions 'Save configuration online' and the code accepts a configurable webhook (config.webhookUrl) — yet no external endpoints or env vars are declared in metadata. The SKILL.md also contains prompt-injection example strings; while those may be test cases, any prompt-injection content inside runtime instructions can be abused if not sanitized.
Install Mechanism
No formal install spec in registry metadata, but SKILL.md recommends running a remote install script piped to bash from GitHub raw (install-no-sudo.sh). Pipe-to-shell of remote scripts is high-risk and should be avoided unless you audit the script. Alternative instructions clone/build locally (git clone + npm install + npm run build) which is expected, but the manifest failing to declare Node/npm as required is an inconsistency.
Credentials
The skill declares no required environment variables or primary credential, but the code references optional external webhook configuration and includes honeypot modules intended to capture tokens (OpenAI, GitHub, AWS, etc.). The SKILL.md promises 'automatic environment variable configuration' which could modify env vars without declaring them. Requesting or capturing wide-ranging secrets is not justified by the metadata and increases risk if defaults enable webhook/external forwarding.
Persistence & Privilege
The skill is not marked always:true and does not request special platform flags in metadata. It installs into the user's OpenClaw skills directory and registers runtime hooks that intercept many agent events — this is expected for a runtime protection skill but grants broad visibility into agent activity (file reads, tool outputs, user inputs). Combined with undeclared network/webhook capabilities, this broad access raises concern and warrants review prior to production deployment.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install runtime-security-guard-en
  3. After installation, invoke the skill by name or use /runtime-security-guard-en
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.1.0
English version of RSG v2.1.0 - Enterprise AI runtime security with 410+ rules, 10 threat categories, cross-platform support, web dashboard, automated testing. New: 14 OpenClaw configuration-level security rules.
Metadata
Slug: runtime-security-guard-en
Version: 2.1.0
License: MIT-0
All-time Installs: 0
Active Installs: 0
Total Versions: 1
Frequently Asked Questions

What is Runtime Security Guard (English)?

Enterprise-grade AI runtime security protection v2.1. Provides 410+ security rules with cross-platform detection (Windows/macOS/Linux), detecting 10 categori... It is an AI Agent Skill for Claude Code / OpenClaw, with 129 downloads so far.

How do I install Runtime Security Guard (English)?

Run "/install runtime-security-guard-en" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Runtime Security Guard (English) free?

Yes, Runtime Security Guard (English) is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Runtime Security Guard (English) support?

Runtime Security Guard (English) is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Runtime Security Guard (English)?

It is built and maintained by nanlinsec-sys (@nanlinsec-sys); the current version is v2.1.0.
