← 返回 Skills 市场
Openclaw Defender
作者
nightfullstar
· GitHub ↗
· v0.1.0
1499
总下载
2
收藏
5
当前安装
1
版本数
在 OpenClaw 中安装
/install openclaw-defender
功能描述
Provides real-time file integrity monitoring, pre-installation skill audits, runtime threat blocking, kill switch activation, and incident response to protec...
安全使用建议
This package mostly looks like a sensible defender toolkit, but before you enable it or wire it into your agent: 1) Inspect scripts/runtime-monitor.sh and update-lists.sh for any outbound network calls, hard-coded endpoints, or remote code execution; do not run generate-baseline.sh until you are sure your workspace is in a known-good state (creating a baseline from compromised files can lock in malicious state). 2) Do not add the cron job or integrate runtime-monitor hooks into OpenClaw core until you've audited the scripts (run them in an isolated/sandbox environment first). 3) Treat external update sources as hostile by default — either pin the blocklist source to a trusted repo you control or review fetched data before applying. 4) Verify the publisher/repository provenance (owner identity, GitHub repo activity) — absence of a clear homepage/author is a risk. 5) If you lack time/expertise to audit the runtime-monitor script, consider running audit-only features (scripts that scan skills) manually and delaying automated runtime enforcement. Following these steps will materially reduce supply-chain and persistence risk.
功能分析
Type: OpenClaw Skill
Name: openclaw-defender
Version: 0.1.0
This skill bundle, 'openclaw-defender', is a comprehensive security framework designed to protect OpenClaw agents from various attacks, including prompt injection, credential theft, and data exfiltration. All analyzed files (scripts, documentation, and metadata) consistently describe defensive measures, threat detection, and incident response. The scripts like `runtime-monitor.sh` actively block dangerous commands, network requests to known malicious infrastructure (e.g., 91.92.242.30, glot.io), and file access to sensitive areas. The `audit-skills.sh` script scans for malicious patterns like base64 encoding, `curl|bash`, and prompt injection phrases, which are documented as threats, not executed by the skill itself. The `update-lists.sh` script legitimately uses `curl` or `wget` to fetch blocklists from a specified GitHub repository, which is a standard practice for updating threat intelligence in a security tool. There is no evidence of intentional harmful behavior; instead, the skill is explicitly designed to prevent such actions.
能力评估
Purpose & Capability
Name and documentation claim a security/monitoring purpose and the repository contains matching tooling (integrity checks, audits, quarantine, runtime monitor, blocklist management). The requested actions (hashing SKILL.md, checking files, blocking network/file/command operations) are appropriate for a tool of this kind.
Instruction Scope
SKILL.md instructs the agent/admin to run scripts, create a baseline of critical files, add a cron job, and (optionally) integrate runtime calls into OpenClaw core. Those steps are expected for this functionality but are sensitive: generating a new baseline on a compromised workspace can codify malicious state, and the runtime protection only works if OpenClaw core actually invokes runtime-monitor.sh at the indicated hooks.
Install Mechanism
There is no automated install spec (lower risk) and code is included in the skill bundle. However update-lists.sh defaults to fetching blocklists/allowlists from an external GitHub repo (https://github.com/nightfullstar/openclaw-defender) and supports overriding that URL — a legitimate feature but a potential supply-chain vector if you allow automatic updates or accept untrusted remotes without review.
Credentials
The skill declares no required environment variables or credentials. Scripts optionally honor OPENCLAW_WORKSPACE / OPENCLAW_LOGS and may call the GitHub API if curl/jq are available. No unexplained secret/credential requests are present in the metadata or SKILL.md.
Persistence & Privilege
The skill recommends persistent monitoring (cron job every 10 minutes) and asks for runtime integration that would cause persistent per-skill checks. 'always' is not set; autonomous invocation is normal. The persistent presence is reasonable for a defender but raises impact if the runtime-monitor or update mechanism can be co-opted — review and audit before enabling cron/integration.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-defender - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-defender触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Initial release with comprehensive security framework for OpenClaw agents.
- Adds real-time file integrity monitoring and automatic tampering alerts.
- Implements pre-installation skill auditing: pattern scanning, author reputation checks, and blocklist enforcement.
- Introduces runtime protection: network, file, command, RAG operation controls, and output sanitization.
- Adds a kill switch for emergency shutdown upon threat detection, with incident logging.
- Enforces security policies with zero-trust rules and human approval workflow.
- Includes logging, automated analytics, incident response tools, and collusion detection for advanced threat hunting.
- Provides quick-start guides and operational best practices for secure skill management.
元数据
常见问题
Openclaw Defender 是什么?
Provides real-time file integrity monitoring, pre-installation skill audits, runtime threat blocking, kill switch activation, and incident response to protec... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1499 次。
如何安装 Openclaw Defender?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-defender」即可一键安装,无需额外配置。
Openclaw Defender 是免费的吗?
是的,Openclaw Defender 完全免费(开源免费),可自由下载、安装和使用。
Openclaw Defender 支持哪些平台?
Openclaw Defender 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Openclaw Defender?
由 nightfullstar(@nightfullstar)开发并维护,当前版本 v0.1.0。
推荐 Skills