← Back to Skills Marketplace
spaceman420urdog-afk

Sentinel- OpenClaw Runtime Security

by spaceman420urdog-afk · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
292
Downloads
1
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install runtime-sentinel
Description
Runtime security guardian for OpenClaw agents. Use this skill whenever the user mentions security, skill safety, prompt injection, malware, suspicious behavi...
Usage Guidance
This package is coherent: it is a local runtime monitor that must read your OpenClaw skill directory, inspect files, and (if you enable premium/daemon) inspect process/network state and manage a local wallet for tiny payments. Before installing: 1) Prefer building from the included source and verify checksums if using a release binary. 2) Review and confirm the payment recipient address and set 'wallet set-limit' to 0 (or a small value) to prevent automatic auto-approvals. 3) Understand it will create ~/.sentinel (machine.key, keystore, baselines, logs) and may move quarantined skill folders — back up any important files first. 4) Note small metadata inconsistencies (registry marked instruction-only vs. included source and build steps, and mixed license text across files) — ask the author or verify the upstream repository if that matters to you. 5) If you need purely offline, free-tier behavior, run with --offline (daemon/egress/process features are premium and can be disabled).
Capability Analysis
Type: OpenClaw Skill Name: runtime-sentinel Version: 1.0.0 The 'runtime-sentinel' bundle is a comprehensive security monitoring tool that implements file integrity hashing, credential auditing, and network/process monitoring. While the code appears to be a legitimate security utility, it utilizes several high-risk capabilities, including broad filesystem access to scan for secrets (audit.rs), network connection attribution via /proc/net and lsof (egress.rs), and process tree monitoring (process.rs). It also includes a built-in cryptocurrency wallet for x402 USDC micropayments (payment.rs). Although the behavior is aligned with the stated purpose and no evidence of malicious exfiltration was found, the extensive system-level monitoring and financial handling qualify it as suspicious under the provided criteria for high-risk behaviors.
Capability Assessment
Purpose & Capability
The SKILL.md and Rust sources implement the claimed features (integrity hashing, prompt-injection scanning, credential scanning, daemon/egress/process monitoring, and optional VirusTotal lookups). However the registry metadata said 'instruction-only' / no install spec while the SKILL.md and README explicitly instruct building/installing a compiled 'sentinel' binary and reference GitHub releases — a mismatch to be aware of. Declared optional env vars (SENTINEL_WALLET, SENTINEL_RPC, SENTINEL_VT_KEY) align with the premium features and VirusTotal integration.
Instruction Scope
Runtime instructions and source show the binary will scan ~/.openclaw/skills, read SKILL.md files, inspect SOUL.md and MEMORY.md, compute hashes, write baselines and logs to ~/.sentinel, and (when daemon/egress features enabled) read process info (/proc, lsof) and network connections. Those actions are coherent with the stated purpose but are high-privilege (file system and process inspection). The SKILL.md/payment flow also describes automatically signing x402/USDC payments with the local wallet (though price is shown beforehand); this deserves explicit user attention/configuration.
Install Mechanism
No install spec is present in the registry, but the README and SKILL.md provide 'cargo build' and GitHub release download instructions. Sources are included so building locally is possible (lower risk if you build), and release URLs point to GitHub releases (reasonable). Still, building/placing a binary affects disk and executable state — verify checksums and optionally build from source rather than using a prebuilt binary.
Credentials
The skill requests only optional env vars (wallet, RPC, VirusTotal key) that are relevant. It will create and store a local machine secret, encrypted wallet files, baselines, logs, and quarantine directories under ~/.sentinel, and it reads ~/.openclaw skill files. Those accesses are proportional to its goals but are sensitive (access to skill directories, process sockets, and local wallet). No unexpected external credentials are requested.
Persistence & Privilege
always:false and user-invocable:true. The skill stores its own state under ~/.sentinel, may run a daemon if you enable premium, and can move skills to a quarantine directory — all within its described scope. It does not request force-inclusion or system-wide configuration access beyond its own files, though daemon mode implies continuous monitoring if enabled.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install runtime-sentinel
  3. After installation, invoke the skill by name or use /runtime-sentinel
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of runtime-sentinel, a runtime security guardian for OpenClaw agents. - Provides on-demand skill integrity audits and prompt injection scanning (free tier) - Adds credential exposure auditing to alert on plaintext secrets in skill directories - Premium features (via x402 micropayments): continuous daemon monitoring, network egress monitoring, and process anomaly detection - Easy wallet setup for non-custodial payments; no account or API key required - All audits and monitoring run locally, preserving user privacy
Metadata
Slug runtime-sentinel
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Sentinel- OpenClaw Runtime Security?

Runtime security guardian for OpenClaw agents. Use this skill whenever the user mentions security, skill safety, prompt injection, malware, suspicious behavi... It is an AI Agent Skill for Claude Code / OpenClaw, with 292 downloads so far.

How do I install Sentinel- OpenClaw Runtime Security?

Run "/install runtime-sentinel" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Sentinel- OpenClaw Runtime Security free?

Yes, Sentinel- OpenClaw Runtime Security is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Sentinel- OpenClaw Runtime Security support?

Sentinel- OpenClaw Runtime Security is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Sentinel- OpenClaw Runtime Security?

It is built and maintained by spaceman420urdog-afk (@spaceman420urdog-afk); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments