← 返回 Skills 市场
366
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install agentguard-tech
功能描述
Installs AgentGuard to secure your AI agent by wrapping tools with evaluate() to block prompt injections, tool abuse, and malicious commands.
使用说明 (SKILL.md)
agent-security SKILL
Skill Name: agent-security
Description: Installs AgentGuard security protection for your AI agent. Wraps tools with evaluate() to prevent prompt injection, tool abuse, and malicious commands.
Version: 1.0.0
Author: ClawHub
Manifest
{
"name": "agent-security",
"version": "1.0.0",
"description": "Secure your agent with AgentGuard protection",
"triggers": [
"secure my agent",
"add security to my agent",
"protect my agent",
"enable agent security",
"make my agent safe",
"add agentguard"
],
"inputs": {
"apiKey": {
"type": "string",
"description": "AgentGuard API key (optional - will create free tier account if not provided)",
"required": false
},
"tier": {
"type": "string",
"description": "Security tier: 'free', 'pro', or 'enterprise'",
"default": "free",
"required": false
}
},
"requires": ["npm", "internet"],
"tags": ["security", "protection", "agentguard", "safety"]
}
What It Does
When invoked, this skill:
- Installs
@the-bot-club/agentguardSDK via npm - Creates a free tier AgentGuard account (if no API key provided)
- Wraps all registered tools with
evaluate()security layer - Configures security policies (prompt injection detection, tool access controls)
- Reports security status and next steps
Installation Flow
User: "secure my agent"
Skill Response:
"I'll install AgentGuard security for your agent. This will:
1. Install the @the-bot-club/agentguard SDK
2. Create a free tier account (or use your API key)
3. Wrap your tools with evaluate() protection
4. Enable prompt injection & tool abuse detection
Let me get started..."
→ Step 1: npm install @the-bot-club/agentguard
→ Step 2: Initialize AgentGuard with security config
→ Step 3: Wrap tools with evaluate()
→ Step 4: Verify protection is active
→ Done!
Edge Cases & Handling
Already Has Security
// Check if agentguard already installed
const hasAgentGuard = await checkPackageInstalled('@the-bot-club/agentguard');
if (hasAgentGuard) {
return "AgentGuard is already installed! Running reconfiguration instead.";
}
No Internet Access
if (!hasInternet) {
return "No internet detected. Manual installation required:\
" +
"1. npm install @the-bot-club/agentguard\
" +
"2. Copy the config below into your agent...";
}
Paid Tier Required
if (tier === 'enterprise' && !apiKey) {
return "Enterprise tier requires an API key. " +
"Get one at https://agentguard.thebot.club/enterprise";
}
No npm Available
if (!hasNpm) {
return "npm not found. Please install Node.js first: https://nodejs.org";
}
Implementation Code
Main Skill Handler
// skills/agent-security/index.js
const { exec } = require('child_process');
const path = require('path');
const SKILL_NAME = 'agent-security';
async function execute(context) {
const { userMessage, config, tools } = context;
const args = parseArgs(userMessage);
// Edge case: Check internet
if (!await hasInternet()) {
return handleNoInternet();
}
// Edge case: Check npm
if (!await hasNpm()) {
return handleNoNpm();
}
// Edge case: Check existing installation
if (await isAgentGuardInstalled()) {
return handleAlreadyInstalled();
}
// Step 1: Install SDK
await installAgentGuardSDK();
// Step 2: Initialize (create account or use provided key)
const apiKey = await initializeAgentGuard(args);
// Step 3: Wrap tools with evaluate()
const wrappedTools = wrapToolsWithEvaluate(tools);
// Step 4: Write security config
await writeSecurityConfig(apiKey, args.tier);
return {
success: true,
message: "✅ AgentGuard security installed and active!\
\
" +
"Your agent is now protected against:\
" +
"• Prompt injection attacks\
" +
"• Tool abuse attempts\
" +
"• Malicious command execution\
\
" +
`API Key: ${apiKey.substring(0, 8)}...\
` +
"View dashboard: https://agentguard.thebot.club/dashboard",
wrappedTools,
config: { securityEnabled: true, apiKey }
};
}
async function installAgentGuardSDK() {
return new Promise((resolve, reject) => {
exec('npm install @the-bot-club/agentguard --save',
{ cwd: process.cwd() },
(error, stdout, stderr) => {
if (error) reject(error);
else resolve(stdout);
});
});
}
function wrapToolsWithEvaluate(tools) {
const { evaluate } = require('@the-bot-club/agentguard');
return tools.map(tool => ({
...tool,
execute: async (...args) => {
// Security check before execution
const result = await evaluate(tool.name, args, {
strict: true,
timeout: 5000
});
if (!result.allowed) {
throw new Error(`Security blocked: ${result.reason}`);
}
return tool.execute(...args);
}
}));
}
async function initializeAgentGuard(args) {
const { AgentGuard } = require('@the-bot-club/agentguard');
if (args.apiKey) {
return args.apiKey;
}
// Create free tier account
const account = await AgentGuard.createAccount({
tier: 'free',
email: args.email || '[email protected]'
});
return account.apiKey;
}
module.exports = { execute, SKILL_NAME };
Security Configuration
// skills/agent-security/security-config.js
module.exports = {
// Security policies
policies: {
// Prompt injection detection
promptInjection: {
enabled: true,
action: 'block',
sensitivity: 'high'
},
// Tool access controls
toolAccess: {
// Dangerous tools require explicit approval
dangerous: ['exec', 'write', 'delete', 'sudo'],
requireApproval: true,
maxExecutionsPerHour: 100
},
// Command validation
commandValidation: {
enabled: true,
blockPatterns: [
/rm\s+-rf/i,
/curl.*\|\s*sh/i,
/wget.*\|\s*sh/i
]
},
// Rate limiting
rateLimit: {
enabled: true,
maxRequests: 50,
windowMs: 60000
}
},
// Free tier limits
free: {
promptInjectionDetection: true,
toolAccessControl: true,
commandValidation: true,
maxTools: 10,
maxDailyRequests: 1000
},
// Pro tier (requires paid API key)
pro: {
...this.free,
maxTools: 100,
maxDailyRequests: 100000,
customPolicies: true,
prioritySupport: true
},
// Enterprise tier
enterprise: {
...this.pro,
unlimited: true,
customIntegrations: true,
dedicatedSupport: true,
sla: '99.99%'
}
};
Usage Examples
Basic - Free Tier (No API Key)
User: "secure my agent"
→ Installs AgentGuard free tier
→ Creates account automatically
→ Wraps all tools with evaluate()
With API Key
User: "secure my agent with API key xxx"
→ Uses provided API key
→ Skips account creation
→ Applies tier based on key
Reconfiguration
User: "update agent security settings"
→ Reads existing config
→ Updates policies
→ Reloads without reinstall
Files Created
When installed, this skill creates:
| File | Purpose |
|---|---|
node_modules/@the-bot-club/agentguard/ |
Security SDK |
.agentguard/config.json |
API key & settings |
.agentguard/policies.json |
Security policies |
.agentguard/logs/ |
Security event logs |
Verification
After installation, verify protection is active:
const { AgentGuard } = require('@the-bot-club/agentguard');
const guard = new AgentGuard();
const status = await guard.getStatus();
console.log(status);
// { protected: true, tier: 'free', toolsSecured: 12 }
Troubleshooting
| Issue | Solution |
|---|---|
| Installation fails | Check npm/node versions; try npm cache clean |
| Tools not wrapping | Ensure tools are registered before calling skill |
| API key invalid | Regenerate at https://agentguard.thebot.club/keys |
| Too many false positives | Adjust sensitivity in policies.json |
Uninstallation
User: "remove agent security"
→ Removes @the-bot-club/agentguard from package.json
→ Deletes .agentguard/ directory
→ Restores original tool functions
async function uninstall() {
exec('npm uninstall @the-bot-club/agentguard');
fs.rmSync('.agentguard/', { recursive: true });
return "AgentGuard removed. Your agent is no longer protected.";
}
安全使用建议
Before installing: 1) Confirm the npm package @the-bot-club/agentguard is from a trustworthy publisher and review its package contents and README on the npm/GitHub repo. 2) Understand what data will be sent to the external service when creating an account (tool list, telemetry, agent details) and whether you consent to that. 3) Ask how and where the API key is stored (is it written to disk, logs, or agent config?) and avoid automatic account creation if you require privacy. 4) Because the skill runs `npm install` via child_process.exec, prefer installing it in a controlled environment or auditing the package first. 5) Resolve the metadata mismatch: the registry entry should declare that npm and internet are required. If you need stronger assurance (package provenance, privacy policy, or source code), request the upstream repository or packaged code for review before proceeding.
功能分析
Type: OpenClaw Skill
Name: agentguard-tech
Version: 2.0.0
This skill installs an external npm package (`@the-bot-club/agentguard`) and intercepts all tool executions by wrapping them in an `evaluate()` function, which sends tool names and arguments to a third-party service. It automatically creates accounts on an external domain (`thebot.club`) and transmits metadata without explicit user consent for each transaction. While framed as a security tool, this 'Man-in-the-Middle' architecture on all agent tools creates a significant risk for data exfiltration of sensitive tool inputs passed as arguments.
能力评估
Purpose & Capability
The SKILL.md describes a security wrapper that installs an npm SDK and wraps tools with evaluate() — that is coherent with the stated purpose. However, the registry metadata earlier listed no runtime requirements while the embedded SKILL.md manifest declares requires: ["npm","internet"]. This mismatch is unexplained and reduces trust.
Instruction Scope
The instructions (and embedded code) perform networked actions: they run `npm install` and call AgentGuard.createAccount(), potentially creating an external account and exchanging an API key. The docs do not specify what agent state or tool metadata (if any) is sent to the external service, nor ask explicit consent for data transmission. The default account creation uses a placeholder email ([email protected]), which is odd and could cause unexpected account registration behavior.
Install Mechanism
There is no formal install spec in the registry, but the SKILL.md's included code runs `exec('npm install @the-bot-club/agentguard --save')`. Installing an npm package at runtime writes to disk and executes third-party code from the npm registry — a medium risk that is plausible for this purpose but worth verifying (package provenance, publisher identity, package contents).
Credentials
The skill declares no required env vars, which matches the registry metadata, but it will create/manage an API key for an external service and returns a partial API key in its response. There is no clear description of where the API key/config is stored, how it is protected, or what agent data is transmitted to the vendor. Automatically creating an external account and exposing an API key (even truncated) is disproportionate without explicit user consent and a privacy statement.
Persistence & Privilege
The skill is user-invocable and not always-enabled; it wraps tools at runtime but does not declare forced/always presence. Autonomous invocation is allowed by default, which is normal. The skill does run installers that modify the agent environment (npm install), which is expected for an SDK but worth noting.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install agentguard-tech - 安装完成后,直接呼叫该 Skill 的名称或使用
/agentguard-tech触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.0.0
v0.8.0: prompt injection detection, PII redaction, OWASP compliance, MCP policy, Slack HITL, multi-agent A2A
v1.0.0
Initial release: tool wrapping, policy enforcement, audit logging for AI agents
元数据
常见问题
AgentGuard Tech 是什么?
Installs AgentGuard to secure your AI agent by wrapping tools with evaluate() to block prompt injections, tool abuse, and malicious commands. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 366 次。
如何安装 AgentGuard Tech?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install agentguard-tech」即可一键安装,无需额外配置。
AgentGuard Tech 是免费的吗?
是的,AgentGuard Tech 完全免费(开源免费),可自由下载、安装和使用。
AgentGuard Tech 支持哪些平台?
AgentGuard Tech 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 AgentGuard Tech?
由 koshaji(@koshaji)开发并维护,当前版本 v2.0.0。
推荐 Skills