功能描述

Cryptographic audit ledger and AI firewall for OpenClaw agents. Records every agent action (messages, skills, tools, plugins, memory, models) in an immutable...

使用说明 (SKILL.md)

EctoClaw — Cryptographic Audit Ledger & AI Firewall for OpenClaw

Name: EctoClaw
Author: ectospace

Configuration

ECTOCLAW_URL: The EctoClaw server URL (default: http://localhost:3210)

Source code and install scripts are fully open-source at https://github.com/EctoSpace/EctoClaw.

Security / authentication

EctoClaw is designed to run on localhost or a private network you control.
If you expose ECTOCLAW_URL beyond localhost, put it behind your own authentication and access controls (for example, a reverse proxy with auth).
Do not point ECTOCLAW_URL at an untrusted third-party host, since audit logs can contain sensitive prompts, tool outputs, and memory contents.

Commands

List Audit Sessions

When the user asks to see audit sessions, list recent sessions, or check audit history:

Call GET {ECTOCLAW_URL}/api/sessions?limit=10
Format the response as a readable list showing session ID, status, event count, and goal

Create Audit Session

When the user asks to start a new audit, create a session, or begin tracking:

Call POST {ECTOCLAW_URL}/api/sessions with JSON body: {"goal": "\x3Cuser's stated goal>"}
Optionally include "policy_name" to bind a policy: {"goal": "\x3Cgoal>", "policy_name": "\x3Cn>"}
Report the session ID, goal hash, and public key

Append Event

When the user wants to log an action, record an event, or track an operation:

Call POST {ECTOCLAW_URL}/api/sessions/{session_id}/events
JSON body: {"type": "\x3CEventType>", "payload": {\x3Cevent data>}}
Valid types: MessageReceived, MessageSent, SkillInvoked, SkillResult, ToolCall, ToolResult, PluginAction, PluginResult, ModelRequest, ModelResponse, MemoryStore, MemoryRecall, ApprovalRequired, ApprovalDecision
Report the content hash, sequence number, and Ed25519 signature

Verify Session Integrity

When the user asks to verify a session or check chain integrity:

Call GET {ECTOCLAW_URL}/api/sessions/{session_id}/verify
Report whether the hash chain is verified or broken and how many events were checked

Get Session Details

When the user asks about a specific session:

Call GET {ECTOCLAW_URL}/api/sessions/{session_id}
Show full session details including goal, goal hash, status, policy, timestamps, event count, and public key

Seal a Session

When the user asks to finalize, seal, or close an audit session:

Call POST {ECTOCLAW_URL}/api/sessions/{session_id}/seal
Report the sealed status and final Merkle root

Get Audit Metrics

When the user asks for metrics, statistics, or a summary:

Call GET {ECTOCLAW_URL}/api/metrics
Display total sessions, active sessions, sealed sessions, total events, and event type breakdown

Get Compliance Bundle

When the user asks for a compliance report or Merkle proof:

Call GET {ECTOCLAW_URL}/api/sessions/{session_id}/compliance
Show the Merkle root and event hashes

Get Merkle Proof for Specific Event

When the user asks to prove a specific event exists in the chain:

Call GET {ECTOCLAW_URL}/api/sessions/{session_id}/merkle?leaf={event_index}
Show the Merkle root and inclusion proof path

Verify a Merkle Proof

When the user provides a Merkle proof to verify:

Call POST {ECTOCLAW_URL}/api/merkle/verify with the proof data
Report whether the proof is valid

Generate Audit Report

When the user asks for a full audit report:

Call GET {ECTOCLAW_URL}/api/reports/{session_id}?format=json
For HTML: GET {ECTOCLAW_URL}/api/reports/{session_id}?format=html
Present the complete session report with events and verification status

List Policies

When the user asks about active policies or what rules are configured:

Call GET {ECTOCLAW_URL}/api/policies
Show each policy name and its configuration

Create or Update a Policy

When the user wants to set up audit rules:

Call PUT {ECTOCLAW_URL}/api/policies/{name} with {"content": "\x3CTOML policy>"}
Report the saved status

Stream Live Events

When the user wants real-time monitoring:

Connect to GET {ECTOCLAW_URL}/api/stream (Server-Sent Events)
Report events as they arrive

Check Server Health

When the user asks if EctoClaw is running:

Call GET {ECTOCLAW_URL}/health
Report status, version, and name

What EctoClaw records

Every OpenClaw lifecycle event is captured as a signed ledger entry:

Event Type	What it captures
MessageReceived	Inbound messages from any channel
MessageSent	Outbound agent responses
SkillInvoked	Skill activation with parameters
SkillResult	Skill execution output
ToolCall	Tool invocations (shell, file, http, browser)
ToolResult	Tool execution results and observations
PluginAction	Plugin lifecycle events
ModelRequest	LLM API calls with prompt context
ModelResponse	LLM responses
MemoryStore	Memory write operations
MemoryRecall	Memory read operations
PolicyViolation	Blocked or flagged actions
ApprovalRequired	Human-in-the-loop gate triggered
ApprovalDecision	Human approval or denial recorded
SessionSeal	Session finalized with Merkle root
KeyRotation	Ed25519 signing key rotated

Only send data to an EctoClaw instance you operate and trust. Treat audit logs as highly sensitive and protect them accordingly.

Cryptographic integrity

Every event is:

SHA-256 hash-chained — each event hash includes the previous event hash
Ed25519 signed — tamper-evident digital signatures per event and per session
Merkle tree provable — O(log n) inclusion proofs for any individual event

Quick start (for users installing EctoClaw)

npm install ectoclaw
npx ectoclaw serve --dev
# Dashboard: http://localhost:3210/dashboard/

Links

GitHub: https://github.com/EctoSpace/EctoClaw
NPM: https://www.npmjs.com/package/ectoclaw
Website: https://ectospace.com/EctoClaw
EctoLedger (Rust enterprise version): https://github.com/EctoSpace/EctoLedger

安全使用建议

This skill appears to do what it says: send audit events to an EctoClaw server. Before installing or enabling it: (1) ensure ECTOCLAW_URL points to a server you control or a trusted private instance behind authentication; do not point it at third-party hosts you don't trust, because audit logs can include sensitive prompts, tool outputs, and memories; (2) review the referenced GitHub repo and the npm package contents for malicious or surprising behavior before running the installer; (3) configure retention, redaction, and policy rules to avoid storing unnecessary secrets; (4) run the EctoClaw server locally or in a tightly controlled network and require authentication (reverse proxy, mTLS, or tokens) if it must be reachable beyond localhost; and (5) consider limiting which event types are logged if you need stricter data minimization.

功能分析

Type: OpenClaw Skill Name: ectoclaw Version: 0.1.3 The ectoclaw skill is a cryptographic audit ledger and security firewall designed to record and verify agent activities. It functions by sending detailed logs of agent events (including messages, tool outputs, and memory) to a user-configured endpoint (ECTOCLAW_URL), which is consistent with its stated purpose of providing an immutable audit trail. While the skill handles sensitive data, the documentation in SKILL.md includes explicit security warnings regarding the use of untrusted third-party hosts and lacks any indicators of intentional malice, obfuscation, or unauthorized data exfiltration.

能力评估

✓ Purpose & Capability

Name/description match the runtime instructions: the SKILL.md instructs the agent to call an ECTOCLAW_URL service to create sessions, append events, verify chains, stream events, and manage policies. Requiring a single primaryEnv (ECTOCLAW_URL) and an optional npm install of an 'ectoclaw' binary is coherent for an audit/firewall integration.

ℹ Instruction Scope

Instructions confine activity to HTTP(S) calls to {ECTOCLAW_URL} endpoints (sessions, events, verify, metrics, policies, stream). That is expected for an external audit service. However, the skill's purpose is to record 'every agent action' including messages, tool calls, model requests, and memory — which inherently captures sensitive prompts, tool outputs, and secrets. The SKILL.md explicitly warns not to point the URL at an untrusted host, but the agent will send potentially sensitive data to whatever ECTOCLAW_URL is configured.

ℹ Install Mechanism

Install spec is an npm package ('ectoclaw') that provides an 'ectoclaw' binary. Using an npm package is proportionate for this functionality but carries moderate supply-chain risk; you should review the package source (GitHub repo referenced in SKILL.md) before installation and prefer running a locally controlled instance.

ℹ Credentials

Only one primary environment variable (ECTOCLAW_URL) is declared, which is appropriate. Because audit logs may include secrets, the single URL gives a lot of exfiltration power if pointed at a remote/untrusted host. The SKILL.md warns about this, but users must ensure the endpoint is trusted and properly authenticated.

✓ Persistence & Privilege

always:false and no config paths or extra privileges are requested. The skill does not request permanent agent inclusion or system-wide config changes in the provided instructions.

版本历史

v0.1.3

Metadata synchronization and shell compatibility fix. Explicitly declared ECTOCLAW_URL as the primary environment variable.

v0.1.1

Security and metadata hardening. Resolved environment variable inconsistencies (declared ECTOCLAW_URL) and added repository provenance links for audit transparency.

v0.1.0

Cryptographic audit ledger for OpenClaw. SHA-256 hash chains, Ed25519 signatures, Merkle proofs, policy enforcement, live dashboard, REST API, SDK, CLI.

元数据

Slug ectoclaw

版本 0.1.3

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 3

常见问题

EctoClaw 是什么？

Cryptographic audit ledger and AI firewall for OpenClaw agents. Records every agent action (messages, skills, tools, plugins, memory, models) in an immutable... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 252 次。

如何安装 EctoClaw？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install ectoclaw」即可一键安装，无需额外配置。

EctoClaw 是免费的吗？

是的，EctoClaw 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

EctoClaw 支持哪些平台？

EctoClaw 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 EctoClaw？

由 EctoSpace（@ectospace）开发并维护，当前版本 v0.1.3。

EctoClaw