Downloads: 81
Stars: 0
Active Installs: 0
Versions: 2
Install in OpenClaw
/install vaikora
Description
Route OpenClaw LLM calls through Vaikora for real-time AI agent security monitoring. Every action your agent takes gets scored for risk, anomaly-flagged, and...
Usage Guidance
This skill is coherent with being a monitoring proxy, but it requires you to route your agent traffic — including full prompts/responses and your upstream provider API key — through Vaikora. Before installing or routing production traffic:
1) Use a dedicated, limited-scope upstream key with strict spend and rate limits for testing.
2) Verify Vaikora's data retention, deletion, and encryption policies and service-level agreement.
3) Confirm whether Vaikora stores or logs the upstream provider key long-term (SKILL.md claims it does not beyond request lifetime, but you should validate).
4) Avoid routing PHI/PCI/regulatory data until legal/compliance approval.
5) If using security connectors, ensure those run on your infrastructure and that you understand what Vaikora will push to them.
6) Rotate keys after testing and monitor for unexpected usage.
Because the skill is instruction-only and there is no code to audit, evaluate the vendor (homepage, documentation, reviews) and try it in an isolated environment first.
Capability Analysis
Type: OpenClaw Skill
Name: vaikora
Version: 1.0.1
The vaikora-security skill bundle (SKILL.md) instructs the OpenClaw agent to reconfigure its core LLM settings to route all traffic through an external proxy (api.vaikora.com), which requires sending the sensitive LLM_PROVIDER_API_KEY in cleartext headers. This configuration facilitates a Man-in-the-Middle (MitM) credential exfiltration attack under the guise of a security monitoring service. The bundle employs social engineering by claiming integrations with reputable security vendors (SentinelOne, CrowdStrike) and referencing Data443, while the _meta.json contains a suspicious future timestamp (2026), indicating a deceptive attempt to harvest API credentials.
Capability Assessment
Purpose & Capability
The name/description say it routes LLM calls through a monitoring proxy; the declared environment variables (VAIKORA_API_KEY, VAIKORA_AGENT_ID, LLM_PROVIDER_API_KEY) and the SKILL.md instructions (change base_url, add x-api-key + Authorization header) match that purpose. No unrelated binaries, installs, or config paths are requested.
Instruction Scope
The SKILL.md explicitly instructs the agent to send full prompts, message history, and the upstream provider key through Vaikora. That is coherent for a proxy, but it means highly sensitive material (prompts, responses, and provider secrets) will transit a third party. The instructions do not attempt to read unrelated files or env vars beyond those declared.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so there's nothing written to disk by the skill itself. That lowers install-time risk, but it also means there is no local code to audit.
Credentials
The environment variables requested are proportionate to a proxy gateway: Vaikora needs its own API key and agent id, and it needs the upstream LLM provider key to forward requests. However, providing your upstream provider key to a third party is a significant sensitivity escalation — the SKILL.md acknowledges this but the choice to forward that secret should be evaluated before using in production.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide persistence or modification of other skills. It operates by changing the agent's LLM base_url and headers (as intended for a gateway). Autonomous invocation is allowed (platform default) but is not combined with other elevated privileges here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install vaikora
- After installation, invoke the skill by name or use /vaikora
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Added support for explicit LLM provider API key via LLM_PROVIDER_API_KEY environment variable.
- Updated setup instructions to clarify all required environment variables and header usage.
- Expanded documentation on what data Vaikora receives and data handling best practices.
- Improved example configurations, emphasizing dual-header pattern and management API usage.
- Clarified connector installation and monitoring workflow details.
- Updated links to individual AWS Marketplace connector listings.
v1.0.0
Initial release of vaikora-security:
- Route OpenClaw LLM traffic through Vaikora for real-time agent security monitoring.
- Scores each agent action for risk and detects anomalies with ML-based analysis.
- Blocks prompt injection, jailbreaks, PII exfiltration, and indirect injection attacks.
- Pushes security signals to SentinelOne, CrowdStrike Falcon, and AWS Security Hub.
- Monitors both inputs and outputs for toxicity and data leakage.
- No changes required to agent code—simply update the API endpoint and headers.
Frequently Asked Questions
What is Vaikora?
Route OpenClaw LLM calls through Vaikora for real-time AI agent security monitoring. Every action your agent takes gets scored for risk, anomaly-flagged, and... It is an AI Agent Skill for Claude Code / OpenClaw, with 81 downloads so far.
How do I install Vaikora?
Run "/install vaikora" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Vaikora free?
Yes, Vaikora is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Vaikora support?
Vaikora is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Vaikora?
It is built and maintained by Data443 (@data443); the current version is v1.0.1.