← 返回 Skills 市场

IronClaw Security Guard

Name: IronClaw Security Guard
Author: wd041216-bit

作者 Da Wei · GitHub ↗ · v0.2.0 · MIT-0

cross-platform ⚠ suspicious

128

总下载

当前安装

版本数

在 OpenClaw 中安装

/install ironclaw-security-guard

功能描述

Add lightweight defense-in-depth guardrails to OpenClaw with dangerous-command blocking, prompt-injection detection, secret redaction, and audit logging.

使用说明 (SKILL.md)

IronClaw Security Guard

Use this skill when an OpenClaw runtime needs lightweight security guardrails rather than a full sandbox.

What it is for

Use it when the user wants to:

reduce risky shell execution
protect sensitive paths and credentials
detect prompt-injection patterns in untrusted content
redact secrets before outgoing messages
keep an audit trail of risky or blocked behavior

What it covers

shell-risk filtering
protected path detection
prompt-injection heuristics
outbound secret redaction
audit logging
manual inspection through ironclaw_security_scan

When to use it

local-model deployments
tool-heavy OpenClaw setups
environments with chat, shell, web, and file tools enabled
operator workflows that need safety checks without a heavyweight sandbox

Non-goals

This skill does not:

provide container isolation
guarantee malware containment
replace OS, network, or credential-hygiene controls

Operating workflow

Check whether the plugin is enabled or running in monitorOnly mode.
Review configured allowlists, blocked command patterns, and protected path patterns.
Use ironclaw_security_scan first when content or tool parameters look suspicious.
Prefer the least-privileged path for shell, network, and messaging actions.
If the plugin blocks a call, inspect the audit log before overriding safeguards.

Output expectations

Good use of this skill should usually produce:

a concise risk explanation
the matched finding category
a safer alternative when one exists
a note about whether the event should be audited or blocked

安全使用建议

This plugin appears to do what it says: block destructive/sensitive tool calls, detect prompt-injection, redact secrets, and log audits. Before installing or enabling it in production: (1) review and, if needed, tighten protectedPathPatterns / blockedCommandPatterns and allowedOutboundHosts; (2) decide whether to start in monitorOnly mode to observe behavior before blocking; (3) configure auditLogPath to a secure location with proper file permissions (audit logs may contain previews of inputs that could include secrets); (4) enable redactPreview where appropriate; (5) run the included tests (npm test) and audit the code to ensure it meets your operational requirements. The only notable operational risk is local storage of potentially sensitive previews — mitigate by configuration and access controls.

功能分析

Type: OpenClaw Skill Name: ironclaw-security-guard Version: 0.2.0 The ironclaw-security-guard plugin is a legitimate security utility designed to provide defense-in-depth guardrails for OpenClaw agents. It implements pattern-based detection and blocking for destructive shell commands (e.g., 'rm -rf', 'sudo'), protects sensitive system and credential paths (e.g., .ssh, .env, /etc/shadow), and provides automated secret redaction for outgoing messages. The logic in index.ts and src/scan.ts is transparently aimed at risk mitigation, and the instructions in SKILL.md are strictly defensive, advising the agent to treat external content as untrusted and avoid unauthorized data exfiltration.

能力评估

✓ Purpose & Capability

Name/description, SKILL.md, README, manifest, and TypeScript code all align: the plugin inspects payloads, classifies tools, blocks destructive shell patterns, detects prompt-injection, redacts secrets, exposes a manual scan tool, and writes an audit log. No unrelated credentials, binaries, or external services are requested.

ℹ Instruction Scope

SKILL.md and the bundled skill instruct the agent to scan messages, tool params, and files and to use the ironclaw_security_scan tool before risky operations — this matches the code. The plugin records previews of inspected content to the audit log (JSONL) and may redact previews on request. That behaviour is expected for auditability, but it means the audit store can contain sensitive content unless redaction/configuration is used.

✓ Install Mechanism

There is no download/install step in the registry metadata; this is a repository-style OpenClaw plugin (TypeScript source, package.json). No external URL downloads, no packaged install scripts, and no unusual install locations are present. Node >=22 is required per package.json — typical for a TypeScript plugin.

ℹ Credentials

The plugin declares no required environment variables or credentials, which is proportionate. It does scan for patterns that look like API keys and tokens but does not require or send any keys. The main caution: audit events (by default written to ~/.openclaw/logs/ironclaw-security-guard.audit.jsonl) may include previews of inputs that contain secrets — operators should consider configuring auditLogPath, enabling redaction, or restricting file permissions.

✓ Persistence & Privilege

The plugin is not force-included (always:false). It registers hooks and a tool via OpenClaw's plugin API as expected; it writes audit logs to disk and does not modify other plugins' configs or request system-wide privileges. Autonomous invocation (disable-model-invocation:false) is the platform default and appropriate for a guard plugin.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install ironclaw-security-guard
安装完成后，直接呼叫该 Skill 的名称或使用 /ironclaw-security-guard 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v0.2.0

First public ClawHub release for the OpenClaw security guard plugin and bundled skill.

元数据

Slug ironclaw-security-guard

版本 0.2.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题