← 返回 Skills 市场
OpenClaw Security Hardening
作者
kylejfrost
· GitHub ↗
· v1.1.0
2282
总下载
5
收藏
1
当前安装
3
版本数
在 OpenClaw 中安装
/install openclaw-security-hardening
功能描述
Protect OpenClaw installations from prompt injection, data exfiltration, malicious skills, and workspace tampering
安全使用建议
This package is a local hardening/audit toolkit and appears to do what it says: it will scan your skills/workspace and create local baselines and whitelists under $HOME/.openclaw/security. Before running: (1) review the scripts yourself (they run shell commands and inspect many files); (2) back up AGENTS.md, MEMORY.md and any important files, since harden-workspace.sh can modify permissions and .gitignore when run with --fix; (3) confirm you’re comfortable with files being written to ~/.openclaw/security (hash files, whitelist); (4) run scan tools in non-privileged/test environment first, then run with --fix only after manual review; (5) check the domain whitelist and incident logging locations (memory/security-incidents.md) so you know what will be recorded. Overall the pieces are coherent for a security tool — there are no unexplained external endpoints or credential requests, but exercising normal caution (review code and run in a controlled environment) is recommended.
功能分析
Type: OpenClaw Skill
Name: openclaw-security-hardening
Version: 1.1.0
This skill bundle is a comprehensive security hardening toolkit for OpenClaw. All scripts (`audit-outbound.sh`, `harden-workspace.sh`, `install-guard.sh`, `integrity-check.sh`, `scan-skills.sh`) are designed to detect, prevent, or remediate security risks like prompt injection, data exfiltration, skill tampering, and misconfigurations. The `SKILL.md` and `assets/security-rules-template.md` explicitly define defensive measures for the AI agent. There is no evidence of intentional harmful behavior, data exfiltration, malicious execution, or persistence mechanisms within the provided files; all actions are aligned with the stated purpose of enhancing security.
能力评估
Purpose & Capability
Name/description match delivered artifacts: scripts for scanning skills, auditing outbound patterns, integrity baselines, workspace hardening, and a pre-install guard are all appropriate for a 'security hardening' tool. No unrelated credentials, external services, or strange binaries are requested.
Instruction Scope
SKILL.md instructs the agent to run the provided scripts. The scripts intentionally read many files and directories (workspace files, skill files, config in $HOME, .git, .env, .ssh and common credential locations) so they can detect exposures — this is expected for this tool. Be aware these scans require file-system access and will enumerate/inspect potentially sensitive files; the scripts do not attempt to transmit data externally (they flag outbound patterns instead).
Install Mechanism
Instruction-only + bundled shell scripts; there is no remote download/install step, no package registries, and no URL-based extract operations. Risk from install mechanism is low — the tool writes files into $HOME/.openclaw/security (baseline, whitelist), which is expected for a local security tool.
Credentials
No environment variables or credentials are requested. Scripts reference HOME and common system tools (shasum, realpath, grep, git, python3 optional) and standard paths (~/.openclaw, workspace paths, ~/.ssh, ~/.aws). This is proportionate to the stated purpose, but the user should note the tool will read many sensitive locations to detect issues.
Persistence & Privilege
The skill is not 'always:true' and does not request elevated platform privileges. It does create/modify local state under $HOME/.openclaw/security (hash baseline, whitelist) and may write fixes when run with --fix; that behavior is expected for a hardening tool. Review and consent to these local writes before running.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-security-hardening - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-security-hardening触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
Removed all workspace-specific references. Clean generic skill for any OpenClaw install.
v1.0.1
Remove workspace-specific path references
v1.0.0
Initial release: skill scanner, integrity checker, outbound auditor, workspace hardening, install guard, security rules template
元数据
常见问题
OpenClaw Security Hardening 是什么?
Protect OpenClaw installations from prompt injection, data exfiltration, malicious skills, and workspace tampering. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2282 次。
如何安装 OpenClaw Security Hardening?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-security-hardening」即可一键安装,无需额外配置。
OpenClaw Security Hardening 是免费的吗?
是的,OpenClaw Security Hardening 完全免费(开源免费),可自由下载、安装和使用。
OpenClaw Security Hardening 支持哪些平台?
OpenClaw Security Hardening 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OpenClaw Security Hardening?
由 kylejfrost(@kylejfrost)开发并维护,当前版本 v1.1.0。
推荐 Skills