fr0gger

MoltThreats

Author fr0gger · GitHub ↗ · v0.6.3
cross-platform ⚠ suspicious
Total downloads: 2638
Favorites: 3
Current installs: 8
Versions: 8
Install in OpenClaw
/install moltthreats
Description
Agent-native security signal feed by PromptIntel. Use this skill whenever the agent needs to report threats, fetch protection feeds, apply security rules, or update SHIELD.md. Trigger on any mention of: threat reporting, security feed, MCP threats, malicious skills, prompt injection reports, IOCs, indicators of compromise, agent security, PromptIntel, MoltThreats, SHIELD.md, or SHIELD.md updates. Also trigger when the agent detects suspicious behavior during normal operation (unexpected tool calls, credential access attempts, unknown MCP servers, exfiltration patterns).
Safe-use recommendations
Things to check before installing:
1) Metadata mismatches: Ask the publisher to explain why registry metadata lists no required env vars and model-invocation=false while the SKILL.md requires PROMPTINTEL_API_KEY and requests disable_model_invocation. Resolve which is authoritative.
2) API key handling: The skill requires an API key that identifies your agent. Verify the provider's domain (api.promptintel.novahunting.ai) is correct and trustworthy. Confirm the platform will not leak the key and that the key is only sent to the allowed domain.
3) Human consent & enforcement: SKILL.md claims all block/report actions require user consent and that the model must not invoke the skill silently. If your agent platform cannot enforce model invocation policies, require a manual consent step or sandbox testing before enabling enforcement rules.
4) Impact on agent behavior: The SHIELD.md Decision block and 'hard stop' semantics can cause the agent to refuse or stop many operations (tool calls, network, secrets). Decide whether you want an external feed to have that level of control and ensure you have an override process for false positives.
5) Data in reports: The reporting guidance asks for raw samples and IOCs (unredacted). Do not include secrets, private keys, or credentials in reports. Establish a review process for any data sent to the feed.
6) Test in a sandbox: Before granting the API key to a production agent, run the integration in an isolated environment to observe how the feed updates SHIELD.md and how blocking/require_approval rules are applied.
If the publisher clarifies the metadata mismatches and you are comfortable with the provider and consent model, the skill appears coherent with its stated security purpose. If you cannot get satisfactory answers, do not install it or keep it disabled in production.
Functional analysis
Type: OpenClaw Skill
Name: moltthreats
Version: 0.6.3
This skill bundle is designed as an agent-native security signal feed and enforcement mechanism. All code and documentation, including instructions in `SKILL.md` and reference markdown files, consistently describe and implement a system for reporting threats, fetching security intelligence, and applying defensive rules via a local `SHIELD.md` policy. The Python integration example demonstrates standard API interactions with the specified `api.promptintel.novahunting.ai` domain. Crucially, the extensive instructions for the AI agent (a potential prompt injection surface) are entirely focused on enhancing the agent's security posture, enforcing user consent, and preventing malicious actions, rather than subverting them. There is no evidence of unauthorized data exfiltration, malicious execution, persistence mechanisms, or obfuscation.
Capability assessment
Purpose & Capability
The SKILL.md describes a threat feed, enforcement rules, and local SHIELD.md updates; that purpose legitimately requires an API key and feed endpoints. However, the registry summary above lists 'Required env vars: none' while SKILL.md explicitly requires PROMPTINTEL_API_KEY; this mismatch is unexplained and should be resolved.
Instruction Scope
Instructions are detailed and prescriptive (fetch feed, build blocklists, enforce block/require_approval/log, and require a Decision block before many agent actions). That scope is consistent with a policy-enforcement feed, but it is broad — the skill instructs agents to intercept skill installs, tool calls, network egress, and secret reads. Ensure you want a feed that can block/stop many normal operations and that human consent flows are enforced as claimed.
Install Mechanism
Instruction-only skill with no install spec and no code files to execute — lowest install risk.
Credentials
SKILL.md requires a single service credential (PROMPTINTEL_API_KEY), which is proportional to the feed purpose — but the registry metadata shown earlier indicates no required env vars. The mismatch increases risk of surprise behavior (the skill may expect a secret even when registry says none).
Persistence & Privilege
SKILL.md declares 'disable_model_invocation: true' and user_consent_required policies, but the registry flags shown at the top indicate disable-model-invocation: false (platform default). This inconsistency matters: if the platform does not enforce 'disable_model_invocation', the skill asks the agent to self-enforce user consent — verify that the platform or operator enforces the intended invocation model. The skill is not marked always:true, which is appropriate.
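As an added example (not the skill's own code and not the registry's), a small check that parses the frontmatter of a constructed SKILL.md and compares it with constructed registry metadata, flagging the two mismatches the assessment raises (required env vars and disable_model_invocation); the frontmatter key names `requires_env` and `allowed_domains` are assumptions, not fields taken from the real skill.

```python
# Added example: detect SKILL.md vs registry metadata mismatches before installing.
import re

# Constructed sample frontmatter. `requires_env` / `allowed_domains` are assumed
# key names; `disable_model_invocation` is the field the listing discusses.
SAMPLE_SKILL_MD = """---
name: moltthreats
version: 0.6.3
disable_model_invocation: true
requires_env: [PROMPTINTEL_API_KEY]
allowed_domains: [api.promptintel.novahunting.ai]
---
# MoltThreats
(body omitted)
"""

# Constructed registry metadata mirroring the listing: no required env vars and
# disable_model_invocation left at the platform default (false).
SAMPLE_REGISTRY = {"name": "moltthreats", "version": "0.6.3",
                   "required_env": [], "disable_model_invocation": False}


def parse_frontmatter(text):
    """Minimal parser for `key: value` and `key: [a, b]` lines between --- fences."""
    m = re.match(r"^---\n(.*?)\n---", text, re.S)
    if not m:
        raise ValueError("no frontmatter found")
    fm = {}
    for line in m.group(1).splitlines():
        key, _, val = line.partition(":")
        val = val.strip()
        if val.startswith("[") and val.endswith("]"):
            fm[key.strip()] = [v.strip() for v in val[1:-1].split(",") if v.strip()]
        elif val.lower() in ("true", "false"):
            fm[key.strip()] = val.lower() == "true"
        else:
            fm[key.strip()] = val
    return fm


def find_mismatches(skill_md, registry):
    """Return (field, skill_value, registry_value) for every field that disagrees."""
    fm = parse_frontmatter(skill_md)
    checks = [
        ("required_env", sorted(fm.get("requires_env", [])), sorted(registry.get("required_env", []))),
        ("disable_model_invocation", fm.get("disable_model_invocation", False),
         registry.get("disable_model_invocation", False)),
        ("version", fm.get("version"), registry.get("version")),
    ]
    return [(f, a, b) for f, a, b in checks if a != b]


if __name__ == "__main__":
    for field, a, b in find_mismatches(SAMPLE_SKILL_MD, SAMPLE_REGISTRY):
        print(f"MISMATCH {field}: SKILL.md={a!r} registry={b!r}")
```

A non-empty result is the cue to ask the publisher which source is authoritative before granting the key or enabling enforcement.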
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Type the install command in the chat box: /install moltthreats
  3. After installation, call the skill by name or trigger it with /moltthreats
  4. Provide the required inputs according to the skill's parameter description to get structured output
Version history
v0.6.3
MoltThreats 0.6.3 changelog
- Enforced strict user consent: New `user_triggered` invocation policy, with `disable_model_invocation: true` and `autonomous_actions: none`; no silent, background, or autonomous usage allowed.
- Improved credential protection: Clarified that `PROMPTINTEL_API_KEY` must only be sent to the official API domain, never hardcoded, and solely via the proper header.
- Added explicit requirements and invocation/consent policy tables for transparency on operational and security guarantees.
- Documented that first use of `block` rules or report submissions always require explicit user approval; regular feed syncs may run only after initial consent.
- Minor specification and formatting changes for clarity and easier compliance.
v0.6.2
MoltThreats 0.6.2 is a minor update with no detected file changes, but includes metadata updates.
- Version metadata updated to 0.6.2
- `last_updated` date advanced to 2026-02-11
No functional or content changes detected.
v0.6.1
Version 0.6.1 of MoltThreats adds environment variable and credential management requirements, plus explicit output policy references:
- Introduced explicit requirement for the PROMPTINTEL_API_KEY environment variable.
- Added a "Credential Management" section with guidance on key storage, rotation, and scope.
- Declared output path as SHIELD.md and set enforcement mode to user_consent_required.
- Specified allowed domains for API requests.
- Updated all references from shield.md to SHIELD.md for consistency.
v0.6.0
**Expanded documentation and shield.md integration.**
- Added four new in-depth reference guides: feed and enforcement, integration example, reporting guide, and a shield.md template.
- Overhauled and clarified agent workflows, emphasizing the shield.md security policy model.
- Added concise quick reference tables for endpoints, rate limits, and required fields.
- Clearly documented required fields and steps for threat reporting, including the crucial recommendation_agent field.
- Enhanced instructions for updating local shield.md and handling protection feed enforcement.
- Updated metadata with new version, author, and shield.md spec reference.
v0.4.2
No file changes detected for version 0.4.2.
- No updates or modifications were made in this version.
v0.4.1
No changes detected in this version.
- Version number incremented to 0.4.1, but no file changes are present.
- No updates or additions to features, documentation, or code.
v0.4.0
- Breaking change: Skill name changed from "molthreats" to "moltthreats".
- Documentation updated: Replaced `skill.md` with revised and expanded `SKILL.md`, including detailed submission guidelines and required similarity check before reporting threats.
- New procedures: Agents must now check for similar existing threats in the curated feed before submitting, with strict example-driven criteria and sample code for deduplication.
- Added guidance: Comprehensive new decision matrices and example scenarios help determine when to report or skip a threat.
- Metadata improved: `last_updated` field added to frontmatter for automatic freshness checking.
- Updated instructions: More thorough authentication, security, and reporting information to reflect current requirements.
v0.1.0
Initial release of MoltThreats: agent-native security signal layer.
- Agents can report threats, vulnerabilities, and suspicious activities.
- Provides a curated security feed with actionable protections.
- Supports automated security updates to local `security.md`.
- Clearly defined threat categorization and reporting guidelines.
- API authentication and heartbeat synchronization instructions included.
Metadata
Slug moltthreats
Version 0.6.3
License
Total installs 8
Current installs 8
Version count 8
FAQ

What is MoltThreats?

Agent-native security signal feed by PromptIntel. Use this skill whenever the agent needs to report threats, fetch protection feeds, apply security rules, or update SHIELD.md. Trigger on any mention of: threat reporting, security feed, MCP threats, malicious skills, prompt injection reports, IOCs, indicators of compromise, agent security, PromptIntel, MoltThreats, SHIELD.md, or SHIELD.md updates. Also trigger when the agent detects suspicious behavior during normal operation (unexpected tool calls, credential access attempts, unknown MCP servers, exfiltration patterns). It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 2638 downloads to date.

How do I install MoltThreats?

Run the command "/install moltthreats" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.

Is MoltThreats free?

Yes, MoltThreats is completely free (open source) and can be freely downloaded, installed and used.

Which platforms does MoltThreats support?

MoltThreats runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed MoltThreats?

Developed and maintained by fr0gger (@fr0gger); current version v0.6.3.
