← 返回 Skills 市场
151
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install merlin-clawguard
功能描述
Système immunitaire numérique pour agents autonomes. Détecte les skills malveillantes via Clawdex (par Koi), scanne avec 4 vaccines Python (C2, rootkits, cha...
安全使用建议
This package implements a local threat scanner and many detection rules are present in the included Python vaccines — that matches the stated purpose. However the repository shows several coherence issues (mismatched import paths, duplicate entrypoint files, and SKILL.md metadata that does not align with the manifest), and the author/source are unknown with no homepage. Before installation: 1) Review the full vaccine_* modules (especially the truncated files) for any network calls, obfuscated code, or write/delete operations; 2) Test the scanner in a sandboxed environment (no production secrets) to observe its behavior and runtime import errors; 3) Confirm provenance or prefer a scanner from a known maintainer; 4) If you plan to let the agent invoke this autonomously, consider restricting its permissions and ensuring it cannot block or uninstall other skills without explicit human review. The inconsistencies increase risk of accidental misbehavior or runtime surprises — proceed with caution.
功能分析
Type: OpenClaw Skill
Name: merlin-clawguard
Version: 1.3.0
Merlin-ClawGuard is a comprehensive defensive security suite designed to protect OpenClaw agents from malicious skills. The bundle includes a unified scanner (merlin-guard.py) and multiple specialized detection modules (vaccines VAX-001 through VAX-030) that use extensive regex signatures and behavioral analysis to identify data exfiltration, C2 infrastructure, rootkits, and supply chain attacks like typosquatting. The code is transparent, well-documented, and its capabilities are strictly aligned with its stated purpose of threat detection and community protection.
能力评估
Purpose & Capability
The skill claims to be a threat scanner for ClawHub/Moltbook and the included Python modules implement many detection heuristics, which is coherent. However there are multiple mismatches between declared requirements/paths and the actual file layout: SKILL.md metadata lists a Python module requirement (aiohttp) even though the registry declares only curl/python3; the CLI wrappers use sys.path entries like 'VAX-030-package-ecosystem' and 'VAX-027-data-exfiltration-c2' while the file manifest contains vaccines/VAX-027 and vaccines/VAX-030. Duplicate similar entrypoint files (merlin-guard.py vs merlin_guard.py) with differing behavior also indicate sloppy packaging. These inconsistencies are not justified by the stated purpose and may cause runtime import errors or unexpected import behavior.
Instruction Scope
The SKILL.md usage is scoped to scanning skill files and calling a recommended Clawdex HTTP endpoint; it does not instruct the agent to read arbitrary system files or exfiltrate secrets. The embedded vaccine modules scan text for many risky patterns (C2 domains, webhooks, base64 blobs, kernel/rootkit indicators). That behavior is expected for a scanner, but some detectors rely on high-weight heuristics and string matching which can produce false positives and lead to aggressive 'BLOQUER' decisions. SKILL.md recommends curl to an external 'clawdex.koi.security' endpoint — network calls to that endpoint are suggested but not automatically performed by the included code. No instructions request unrelated environment variables or secret access.
Install Mechanism
There is no install spec (instruction-only install) so nothing is downloaded or extracted during installation. The risk surface is limited to the bundled Python files which will be executed by the agent when invoked. No external URLs are fetched by an installer step; still, because code files are present they will run locally when the skill is used.
Credentials
The skill does not require credentials or config paths (registry shows none), which is proportionate to its scanning purpose. Minor inconsistency: SKILL.md metadata lists a Python dependency ('aiohttp') that is not declared elsewhere and the registry lists only curl and python3 as required binaries. There is no request for secrets, but the code performs pattern matching on skill code that could include tokens if the scanned skill contains them — users should avoid scanning sensitive production secrets with third-party scanners.
Persistence & Privilege
The skill does not request always:true and does not declare privileged persistence or modification of other skills. Model invocation is allowed (platform default). The scanner could be invoked autonomously to flag or recommend blocking skills, but nothing in the package attempts to modify agent configuration or persist credentials.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install merlin-clawguard - 安装完成后,直接呼叫该 Skill 的名称或使用
/merlin-clawguard触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.3.0
VACCIN 30: Package Ecosystem Attacks (typosquatting, dependency confusion, malicious hooks). Scanner now has 5 vaccines Python.
v1.2.0
VACCIN 27-29 Python: Scanner CLI unifie (4 vaccines), Cross-Vector Detection, Rootkit/Bootkit. 2371 menaces couvertes.
v1.1.0
Updated to use real Clawdex API. Improved threat detection.
v1.0.0
Création initiale: Immunité numérique pour agents autonomes
元数据
常见问题
Merlin Clawguard 是什么?
Système immunitaire numérique pour agents autonomes. Détecte les skills malveillantes via Clawdex (par Koi), scanne avec 4 vaccines Python (C2, rootkits, cha... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 151 次。
如何安装 Merlin Clawguard?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install merlin-clawguard」即可一键安装,无需额外配置。
Merlin Clawguard 是免费的吗?
是的,Merlin Clawguard 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Merlin Clawguard 支持哪些平台?
Merlin Clawguard 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Merlin Clawguard?
由 Kofna3369(@kofna3369)开发并维护,当前版本 v1.3.0。
推荐 Skills