← 返回 Skills 市场
5701
总下载
2
收藏
10
当前安装
17
版本数
在 OpenClaw 中安装
/install guard-scanner
功能描述
Security scanner and runtime guard for OpenClaw skills, MCP servers, and AI agent workflows. Detects prompt injection, identity hijacking, memory poisoning,...
安全使用建议
Install only if you are comfortable giving this skill broad local scanning authority and optional networked audit capabilities. Avoid running untrusted --plugin files, use audit/crawl/patrol/serve only in controlled environments, and review where it writes ~/.openclaw/guard-scanner audit and task state before enabling it as a runtime guard.
能力评估
Purpose & Capability
The scanner, runtime guard, MCP server, audit, crawl, watch, and VirusTotal features broadly fit the stated security purpose, but the security policy and per-file manifests repeatedly describe narrower static/offline behavior than the code and SKILL.md actually expose.
Instruction Scope
User-facing commands can scan arbitrary directories, run an MCP server, patrol/crawl remote registries, load user-supplied plugin modules, and invoke a ClawHub CLI search through a shell path; most are user-directed, but the scope is broad and not consistently bounded.
Install Mechanism
No postinstall script or automatic cryptomining/credential-stealing install behavior was found. The package declares an OpenClaw extension and CLI, but the top-level skill metadata only declares a Node binary requirement and does not fully communicate runtime/network/env capabilities.
Credentials
Reads of VT_API_KEY, GITHUB_TOKEN, HOME, and GUARD_SCANNER_MODE, plus outbound access to GitHub/npm/VirusTotal/ClawHub, are coherent for optional auditing but are under-declared in some manifests and contradict the SECURITY.md claim that the tool makes no network requests except optional VirusTotal.
Persistence & Privilege
The runtime guard writes audit logs under ~/.openclaw/guard-scanner, the MCP async task system persists tasks.json, and patrol/serve modes can be long-running. These are purpose-aligned but need clearer retention, cleanup, and permission disclosure.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install guard-scanner - 安装完成后,直接呼叫该 Skill 的名称或使用
/guard-scanner触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v16.0.2
Improve ClawHub listing copy for search/discovery, align metadata with v16.0.2 metrics, and keep SKILL/package/plugin versions in sync.
v16.0.1
v16.0.1: 5-layer analysis pipeline, OWASP ASI compliance, 358 patterns, 35 categories, 27 runtime checks
v15.0.0
v15.0.0: 358 patterns, 35 categories, 27 runtime checks, 332 E2E tests. Unicode confusable, Base64 scan, ContextCrush gate.
v13.0.1
Fix SKILL.md frontmatter for OpenClaw compatibility. Add Finding Schema. 306 tests passing. SSOT aligned.
v5.0.8
v5.0.8
v5.0.7
v5.0.7: Improved ClawHub search visibility. Keyword-enriched description for scanner/security/skill queries. Updated stats: 150 patterns, 139 tests, 5 CVEs covered.
v5.0.6
v5.0.6: CVE-2026-2256 (MS-Agent check_safe bypass, CERT VU#431821) + CVE-2026-25046 (Kimi execSync injection). 150 patterns, 139 tests.
v5.0.5
v5.0.5: 147 patterns (23 categories), 136 tests, CVE-2026-25905/27825, VDB Injection, QuarantineNode, OSS cleanup
v5.0.4
v5.0.4: Stealth-encoded signatures to avoid static scanner false positives. 134/134 tests. Logarithmic decay for duplicate findings.
v5.0.3
v5.0.3: Added openclaw.hooks field for npm hook pack distribution — users can now run 'openclaw hooks install guard-scanner' directly
v5.0.2
v5.0.2: Added handler.ts for OpenClaw hooks compatibility — fixes openclaw hooks install
v5.0.1
v5.0.1: Pure OSS release — removed all proprietary references, 135 static + 26 runtime patterns, 22 categories, zero dependencies
v4.0.2
guard-scanner 4.0.2 introduces major upgrades with expanded runtime protection and improved performance.
- Added full runtime blocking of dangerous tool calls via OpenClaw plugin hook (26 patterns, 5 layers, 0.016ms/scan)
- Runtime Guard enforcement modes (`monitor`, `enforce`, `strict`) are now fully functional (blocking supported)
- Increased pattern library: 135 static + 26 runtime patterns, covering 22 threat categories
- Expanded and clarified documentation; now includes clear requirements for `--soul-lock` identity protection
- Test suite greatly extended to 134 tests across 24 suites
- No network access or dependencies; scanning remains fully local and deterministic
v2.1.0
guard-scanner 2.1.0
- Enhanced documentation and onboarding: added detailed OpenClaw integration/limitations, step-by-step start, and clarified runtime mode status.
- New task lists, docs, and sample fixture skills added for maintainers.
- Updated test coverage to include new fixture examples of leaky/PII risks.
- Improved terminology: now explicitly identifies current runtime guard as "warn-only" until OpenClaw `cancel` API lands.
- Documentation now clearly reflects that no network or model calls occur, and local-only audit logging remains unchanged.
v2.0.1
docs: README updated for v2.0.0 — Security Gaps section, test counts, roadmap
v2.0.0
feat: Plugin Hook runtime guard with actual blocking. 3 modes: monitor/enforce/strict. 35 new tests.
v1.0.0
🛡️ Initial release: 170+ threat patterns, 17 categories, Runtime Guard hook, SARIF/HTML/JSON output, Plugin API. Zero dependencies.
元数据
常见问题
Guard Scanner 是什么?
Security scanner and runtime guard for OpenClaw skills, MCP servers, and AI agent workflows. Detects prompt injection, identity hijacking, memory poisoning,... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 5701 次。
如何安装 Guard Scanner?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install guard-scanner」即可一键安装,无需额外配置。
Guard Scanner 是免费的吗?
是的,Guard Scanner 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Guard Scanner 支持哪些平台?
Guard Scanner 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Guard Scanner?
由 dee-guava(@koatora20)开发并维护,当前版本 v16.0.2。
推荐 Skills