← Back to Skills Marketplace
rudi193-cmd

Willow External Guard

by Sean Campbell · GitHub ↗ · v1.0.0 · MIT-0
linuxdarwin ⚠ suspicious
64
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install willow-external-guard
Description
Use when Willow is about to ingest, summarize, or act on external content — web fetches, jeles inbound messages, corpus archaeology files, or sub-agent outpu...
Usage Guidance
This skill appears to implement what it claims: a pattern-based prompt-injection scanner and a sandwich wrapper for external content, with no network calls or credential requests. Before installing, verify these points: (1) SKILL.md expects guard events to be appended to sap/log/gaps.jsonl on non-CLEAN results, but scripts/guard.py does not write that file — decide whether the agent or caller should perform the logging and ensure that behavior is implemented and permissioned safely. (2) Confirm how the agent will enforce CONFIRM/BLOCK flows described in SKILL.md (the script returns exit codes and prints excerpts, but user prompts and message-dropping must be implemented by the integrating agent). (3) Review and test the regex patterns against representative inputs to estimate false positives and evasions (pattern-based scanners can be bypassed by obfuscation). (4) Ensure the agent runs this script in a sandboxed context with minimal file permissions — if you do allow log writes, limit them to an application-owned log directory and check retention/rotation. If these integration details are acceptable and you audit the guard's behavior in your environment, the skill itself is low risk; if you need the SKILL.md logging/behavior guaranteed, request an updated script or agent integration that implements it explicitly.
Capability Analysis
Type: OpenClaw Skill Name: willow-external-guard Version: 1.0.0 The willow-external-guard skill is a defensive utility designed to detect and mitigate prompt injection attacks. It uses a Python script (guard.py) to perform regex-based scanning for known attack patterns (e.g., 'DAN' personas, instruction overrides, and system prompt probes) and provides instructions for the agent to wrap untrusted content in protective markers (sandwich defense). The code and instructions are clearly aligned with the stated security purpose and do not exhibit any malicious behaviors such as data exfiltration or unauthorized command execution.
Capability Assessment
Purpose & Capability
Name, description, and included script align: the guard script implements pattern-based detection and a sandwich wrapper for external content. Nothing in the package requests unrelated credentials or binaries (only python3). However, SKILL.md instructs appending guard events to sap/log/gaps.jsonl after non-CLEAN results; the provided script does not perform that logging, so the operational expectation in the documentation is not fully implemented by the code.
Instruction Scope
SKILL.md describes scanning, wrapping, and user-confirm flows and also instructs writing a record to sap/log/gaps.jsonl on blocked/non-CLEAN events. The included script performs scanning, emits results, supports --wrap, and sets exit codes, but it does not write to sap/log/gaps.jsonl or otherwise implement the logging/ingest/drop behaviors described. That mismatch could lead to gaps in telemetry or incorrectly delegated responsibilities to the caller/agent.
Install Mechanism
Instruction-only install (no install spec). The package includes a single Python script and requires only python3 on PATH. No downloads, external installers, or network fetches are present in the files provided.
Credentials
No environment variables, secrets, or config paths are requested. The skill’s functionality (text scanning/wrapping) does not require credentials, so the lack of requested secrets is proportionate.
Persistence & Privilege
The skill does not request persistent/always-on privileges (always: false). SKILL.md suggests writing to sap/log/gaps.jsonl (a local log path), which would require file write access in the agent runtime; the script itself does not perform that write. Verify how the agent integrates logging and whether file permissions would be needed — writing logs to application directories could be appropriate but should be explicit and constrained.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install willow-external-guard
  3. After installation, invoke the skill by name or use /willow-external-guard
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of Willow External Guard for protecting Willow’s external content pipeline. - Scans and wraps all untrusted external content (web, jeles messages, corpus files, sub-agent outputs) before LLM processing. - Detects and responds to prompt injection, role hijack, leak attacks, and approval bypass attempts. - Applies graded response levels: WARN (log and proceed), CONFIRM (ask user), BLOCK (refuse content). - Logs all suspicious or blocked events to a dedicated file without recording sensitive content. - Includes robust sandwich defense markers for minimizing LLM execution risk. - Designed for use in Linux and Darwin environments, requiring Python 3.
Metadata
Slug willow-external-guard
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Willow External Guard?

Use when Willow is about to ingest, summarize, or act on external content — web fetches, jeles inbound messages, corpus archaeology files, or sub-agent outpu... It is an AI Agent Skill for Claude Code / OpenClaw, with 64 downloads so far.

How do I install Willow External Guard?

Run "/install willow-external-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Willow External Guard free?

Yes, Willow External Guard is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Willow External Guard support?

Willow External Guard is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, darwin).

Who created Willow External Guard?

It is built and maintained by Sean Campbell (@rudi193-cmd); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments