paolorollo

Openclaw Sec

Author: PaoloRollo · GitHub · v0.2.6
cross-platform ⚠ suspicious
Total downloads: 5239
Favorites: 10
Current installs: 16
Versions: 8
Install in OpenClaw
/install openclaw-sec
Description
AI Agent Security Suite - Real-time protection against prompt injection, command injection, SSRF, path traversal, secrets exposure, and content policy violations
Safe usage advice
Install only if you want OpenClaw-wide security hooks that may inspect and log prompts and tool-call parameters. Review the postinstall hook behavior, database path and retention, owner bypass settings, notification endpoints, and whether `tool_result_persist` truly blocks before execution in your OpenClaw version.
Functional analysis
Type: OpenClaw Skill
Name: openclaw-sec
Version: 0.2.6
The OpenClaw Security Suite is a security tool designed to detect and prevent various attacks like prompt injection, command injection, SSRF, path traversal, and secret exposure. All analyzed files, including the `SKILL.md` documentation, TypeScript source code, and shell scripts (`hooks/install-hooks.sh`), consistently align with this stated purpose. The tool's functionalities, such as scanning for malicious patterns, logging security events to a local SQLite database (`.openclaw-sec.db`), and sending notifications to configurable endpoints, are legitimate for a security product. The 'malicious' examples found in the code and documentation are test cases that the tool is designed to *detect and block*, not execute. There is no evidence of intentional harmful behavior, data exfiltration to unauthorized external endpoints, or persistence mechanisms beyond standard OpenClaw hook installation.
Capability assessment
Purpose & Capability
The scanning, blocking, reputation, database logging, and optional notifications generally fit the stated security-suite purpose; no artifact-backed exfiltration or destructive behavior was found.
Instruction Scope
The tool-call hook claims pre-execution blocking while registering a `tool_result_persist` plugin, creating real ambiguity about whether tool actions are blocked before or after execution.
Install Mechanism
`package.json` runs a postinstall script that builds the package and invokes `hooks/install-hooks.sh`, which copies hooks into `~/.openclaw/hooks`, creates a symlink, and attempts to enable them via the OpenClaw CLI.
Credentials
Default-enabled hooks can inspect user prompts and security-relevant tool parameters, then store normalized input, user IDs, session IDs, findings, and metadata in SQLite for analytics; this is purpose-aligned but sensitive and broad.
Persistence & Privilege
The hooks persist beyond the install command and alter agent behavior globally under the OpenClaw hooks directory; documentation includes disable steps, but the install-time side effect is high-impact.
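How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install openclaw-sec
  3. Once installation completes, invoke the Skill by name or trigger it with /openclaw-sec
  4. Provide the required inputs according to the Skill's parameter documentation to get structured output
Version history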
v0.2.6
openclaw-sec 0.2.6
- Added new detection modules: code execution, exfiltration, injection validator, and serialization detection.
- Introduced corresponding runtime validation patterns for code execution, exfiltration, SQL injection, template injection, general injection, and serialization attacks.
- Significantly expanded test coverage for all new modules and patterns.
- Updated core security engine and type definitions to support new modules.
- Enhanced the modular structure to accommodate more security pattern categories.
v0.2.5
- Added pnpm-lock.yaml for improved dependency management and reproducible builds.
- Updated multiple test files for integration and CLI functionality.
- Modified Jest configuration for testing enhancements.
- Made changes to the action engine and notification system test modules.
v0.2.4
openclaw-sec 0.2.4 Changelog
- Updated capability metadata: added "168 patterns across 16 categories" to detection coverage.
- SKILL.md version updated from 1.0.0 to 1.0.2, reflecting underlying metadata improvements.
- No user-facing changes to commands or functionality. Documentation aligned with current detection scope.
v0.2.3
openclaw-sec v0.2.3
- Added 7 new pattern detectors for advanced prompt injection types, including chain-of-thought hijacking, direct extraction, encoding obfuscation, extraction attacks, policy puppetry, and social engineering.
- Integrated these patterns into the core prompt injection module.
- Added automated continuous integration (CI) workflow for better testing.
- Improved and expanded test coverage for action and security engines.
- Removed obsolete benchmark result files to streamline the codebase.
- Updated documentation and dependencies.
v0.2.2
- Added `.openclaw-sec.example.yaml` as the new example config file and removed the old `.openclaw-security.example.yaml`.
- Updated and improved documentation in `README.md`, hooks, and contributing guides.
- Refined configuration examples and inline docs to align with new file naming.
- Various updates across codebase and tests to reflect config changes and improve clarity.
- No breaking changes to commands or core features.
v0.2.1
- Updated documentation in README.md and package.json.
- Removed the PROJECT_SUMMARY.md file for simplification.
- No changes to core functionality or detection modules.
v0.2.0
Summary: Major expansion of test coverage and security hooks; legacy hook refactor.
- Added extensive integration and performance test suites.
- Introduced new security input/tool validator hooks and documentation.
- Split legacy hooks into a dedicated subfolder with improved structure.
- Removed legacy hook files in favor of modular handlers.
- Updated and clarified documentation and contribution guidelines.
v0.1.0
Initial release of OpenClaw Security Suite – comprehensive, real-time security for AI agents.
- 6 parallel detection modules cover prompt injection, command injection, SSRF, path traversal, secrets exposure, and content policy violations.
- Real-time validation (<50ms) with async database/logging.
- Smart severity scoring and automated action enforcement (block, warn, log).
- Provides detailed CLI/tools for validation, scanning, monitoring, and analytics.
- Includes user reputation tracking, security stats, and event monitoring.
Metadata
Slug openclaw-sec
Version 0.2.6
License
Total installs 197
Current installs 16
Number of versions 8
FAQ

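What is Openclaw Sec?

AI Agent Security Suite - Real-time protection against prompt injection, command injection, SSRF, path traversal, secrets exposure, and content policy violations. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 5239 total downloads to date.

How do I install Openclaw Sec?

Run the command "/install openclaw-sec" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.

Is Openclaw Sec free?

Yes, Openclaw Sec is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does Openclaw Sec support?

Openclaw Sec is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Openclaw Sec?

Developed and maintained by PaoloRollo (@paolorollo); the current version is v0.2.6.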
