HiveFence

Author: seojoonkim · GitHub · v1.0.0
cross-platform ⚠ suspicious
Total downloads: 1922
Favorites: 0
Current installs: 3
Versions: 1
Install in OpenClaw
/install hivefence
Description
Collective immunity network for AI agents. When one agent detects a prompt injection attack, all connected agents become immune. Real-time pattern detection, community voting, and distributed threat intelligence. Built on top of prompt-guard.
Usage instructions (SKILL.md)

HiveFence v1.0.0

🐝 When one is attacked, all become immune.

Collective prompt injection defense network for AI agents.

What is HiveFence?

HiveFence extends prompt-guard with a distributed immunity system:

  1. Detect — Your agent scans incoming prompts against 15+ attack patterns
  2. Report — New attack patterns are hashed and submitted to the network
  3. Immunize — Community validates the pattern, then every connected agent gets the update

Features

  • 🔍 Real-time Detection — Pattern matching + semantic analysis in <50ms
  • 🌍 Multi-language — EN, KO, JA, ZH attack detection
  • 🗳️ Community Governance — Democratic voting on new patterns
  • 🔐 Privacy-preserving — Only SHA-256 hashes shared, not raw content
  • 📊 Severity Scoring — Risk-based prioritization (0-100)
  • Edge-first — Cloudflare Workers at 300+ locations

Installation

# Via ClawdHub
npx clawhub install hivefence

# Or via npm
npm install hivefence

Quick Start

import { protect, reportThreat } from 'hivefence'

// Scan incoming prompt
const result = await protect(userInput)

if (result.blocked) {
  console.log(`Threat blocked: ${result.category}`)
  // Pattern automatically reported to network
}

Security Stack Recommendation

For maximum protection, use HiveFence with:

  1. ACIP — Advanced Cognitive Inoculation Prompt (behavioral boundaries)
  2. HiveFence — Pattern detection + collective immunity
  3. SkillGuard — Audit skills before installation

As recommended in @VittoStack's Security Guide (34K+ views)

API Endpoints

Method  Endpoint                   Description
POST    /api/v1/threats/report     Submit new threat pattern
GET     /api/v1/threats/pending    Get patterns awaiting votes
POST    /api/v1/threats/:id/vote   Vote on a pattern
GET     /api/v1/threats/latest     Fetch approved patterns
GET     /api/v1/stats              Network statistics

Base URL: https://hivefence-api.seojoon-kim.workers.dev

Why HiveFence?

Without protection:

  • 91% injection attack success rate
  • 84% data extraction success rate
  • System prompts leaked on turn 1

(Source: ZeroLeaks Security Assessment)

With HiveFence:

  • Real-time pattern blocking
  • Collective immunity from the network
  • Community-validated patterns (zero false positives)

License

MIT © 2026 Simon Kim (@seojoonkim)

Security usage recommendations
Things to check before installing:

  1. Verify the package source — confirm the hivefence npm package and GitHub repo match the SKILL.md and inspect the code, install scripts, and license.
  2. Confirm the reporting workflow — what exactly is sent to the API, where hashing happens (locally), and whether any raw prompt content or identifiers could be transmitted.
  3. Verify authentication and endpoint ownership — the base URL is a personal Cloudflare Workers domain; confirm who controls it and whether anonymous reporting is allowed.
  4. Prefer an opt-in model — do not enable automatic reporting of user prompts without explicit consent and local review.
  5. If you can't review the upstream package source and code, avoid installing or running the npm instructions recommended in SKILL.md.

What would change this assessment: the repo and npm package are published and verifiably authored, the code shows local-only SHA-256 hashing before any network I/O, reports contain no identifiable data, and reporting requires explicit opt-in or authenticated endpoints.
Functional analysis
Type: OpenClaw Skill
Name: hivefence
Version: 1.0.0

The skill is classified as suspicious due to its reliance on external network communication to a third-party API (https://hivefence-api.seojoon-kim.workers.dev) for reporting 'threat patterns', as described in SKILL.md. While the documentation claims only SHA-256 hashes are shared, the actual implementation of the `hivefence` package is not provided, preventing verification of this privacy claim. This unverified data transmission to an external endpoint, combined with the supply chain risk introduced by the `npm install hivefence` command, constitutes risky capabilities without full transparency, even if the stated purpose is benign.
Capability assessment
Purpose & Capability
SKILL.md describes an npm package (import { protect, reportThreat } from 'hivefence') and networked behavior (reporting/voting endpoints), but the registry entry is instruction-only with no code files, no install spec, and 'source: unknown'. A networked community-reporting system would reasonably require authenticated endpoints and/or credentials — none are declared. The package claims to be available on npm/GitHub, but the registry metadata doesn't supply or verify those artifacts.
Instruction Scope
Instructions tell agents to scan incoming prompts and automatically report new patterns to the network. That implies transmitting information derived from user prompts to a remote API. The SKILL.md asserts 'privacy-preserving' (only SHA-256 hashes shared) but gives no concrete hashing workflow, no local-only verification steps, and no restriction against sending raw or partially identifiable data. Automatic reporting of prompt content (even hashed) risks exfiltration or deanonymization and is broader than what a sandboxed, instruction-only skill should assume.
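One way to run the check this assessment asks for (hash locally, report only on opt-in, audit the outgoing payload), as an added example that is not HiveFence's code. The payload fields (`patternHash`, `category`), the `optIn` flag and every function name are hypothetical, and the sample prompt is constructed; the last function shows why an unsalted hash still lets the receiver confirm any text it can guess.

```javascript
// Added example: names, fields and the opt-in flag are hypothetical, not HiveFence's API.
const crypto = require('node:crypto');

// Normalize, then hash locally so the raw prompt never leaves the process.
function hashPattern(text) {
  const norm = text.normalize('NFKC').toLowerCase().replace(/\s+/g, ' ').trim();
  return crypto.createHash('sha256').update(norm, 'utf8').digest('hex');
}

// Build a report only with explicit consent; nothing else prompt-derived is included.
function buildReport(prompt, { optIn = false, category = 'unknown' } = {}) {
  if (!optIn) return null;
  return { patternHash: hashPattern(prompt), category };
}

const ALLOWED_KEYS = new Set(['patternHash', 'category']);

// Pre-send audit: reject unexpected fields and any payload that still
// carries a run of at least minRun characters of the raw prompt.
function auditPayload(payload, rawPrompt, minRun = 12) {
  const problems = [];
  for (const key of Object.keys(payload)) {
    if (!ALLOWED_KEYS.has(key)) problems.push(`unexpected field: ${key}`);
  }
  if (!/^[0-9a-f]{64}$/.test(String(payload.patternHash))) {
    problems.push('patternHash is not a SHA-256 hex digest');
  }
  const wire = JSON.stringify(payload).toLowerCase();
  const raw = rawPrompt.toLowerCase();
  for (let i = 0; i + minRun <= raw.length; i++) {
    // Apply the same JSON escaping to the fragment as to the serialized payload.
    const fragment = JSON.stringify(raw.slice(i, i + minRun)).slice(1, -1);
    if (wire.includes(fragment)) {
      problems.push('payload contains raw prompt text');
      break;
    }
  }
  return problems;
}

// Caveat: an unsalted hash lets the receiver confirm any text it can guess.
function receiverCanConfirm(patternHash, candidateTexts) {
  return candidateTexts.some((t) => hashPattern(t) === patternHash);
}

// Constructed sample input.
const SAMPLE_PROMPT = 'This is a constructed sample prompt, used only to exercise the audit.';
```

Running `auditPayload` on the exact object handed to the HTTP client, immediately before the send, is what makes the "only hashes are shared" claim checkable on your side.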
Install Mechanism
There is no install spec in the registry; SKILL.md recommends using npx or npm install. That discrepancy is notable: the skill itself provides no package or code to inspect in the registry, but tells users/agents to fetch code from external registries. Instructing installation from npm when no package was bundled means the agent would download third-party code at runtime — a behavior that requires verification of the actual npm/GitHub package before trusting.
Credentials
The skill declares no required environment variables or credentials, yet its functionality (reporting, voting, fetching approved patterns) implies network interactions that typically require authentication and configuration. The absence of declared credentials is inconsistent with the described capabilities. Additionally, privacy guarantees about only sharing SHA-256 hashes are asserted but not demonstrated or enforced in instructions, leaving sensitive data exposure plausible.
Persistence & Privilege
always is false (good) and model invocation is allowed by default (expected). However, the combination of autonomous invocation and automatic network reporting is risky: an agent could autonomously send (hashed or raw) prompt-derived data to an external personal API endpoint. This is not a direct registry privilege escalation but increases the blast radius if the remote service or reporting logic is malicious.
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install hivefence
  3. Once installed, invoke the Skill by name or trigger it with /hivefence
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history
v1.0.0
  • Initial release of HiveFence v1.0.0
  • Collective prompt injection defense network for AI agents; immunity spreads to all when one agent detects a threat
  • Real-time, multi-language attack detection (EN, KO, JA, ZH) with <50ms response
  • Community voting system for validating new attack patterns
  • Privacy-preserving threat sharing using SHA-256 hashes
  • Risk-based prioritization with severity scoring
  • Fast, edge-first deployment on Cloudflare Workers (300+ locations)
  • Public API endpoints for threat submission, voting, and statistics
Metadata
Slug: hivefence
Version: 1.0.0
License
Cumulative installs: 3
Current installs: 3
Historical versions: 1
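Frequently asked questions

What is HiveFence?

Collective immunity network for AI agents. When one agent detects a prompt injection attack, all connected agents become immune. Real-time pattern detection, community voting, and distributed threat intelligence. Built on top of prompt-guard. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 1922 cumulative downloads to date.

How do I install HiveFence?

Run the command "/install hivefence" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.

Is HiveFence free?

Yes, HiveFence is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does HiveFence support?

HiveFence runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed HiveFence?

It is developed and maintained by seojoonkim (@seojoonkim); the current version is v1.0.0.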
