← 返回 Skills 市场
4328
总下载
2
收藏
44
当前安装
4
版本数
在 OpenClaw 中安装
/install openclaw-shield
功能描述
Enterprise AI security scanner using static analysis, runtime guards, and ClamAV to detect credential theft, data leaks, malware, and ensure audit logging.
安全使用建议
Review the external GitHub repository before running it, pin a specific commit, restrict scan targets to intended directories, and enable cron or Telegram alerts only after confirming exactly what data is logged or transmitted.
功能分析
Type: OpenClaw Skill
Name: openclaw-shield
Version: 1.0.3
The OpenClaw Shield skill is presented as an enterprise security scanner for AI agents, designed to detect credential theft, data exfiltration, and malicious code. The `SKILL.md` and `README.md` provide installation instructions (`git clone`, `python3 scanner.py`) and usage examples consistent with a security tool. Crucially, `SECURITY.md` explicitly addresses why the tool might appear suspicious (e.g., containing patterns for `ANTHROPIC_API_KEY`, checking `~/.ssh/`, `~/.aws/`), clarifying these are for *detection* purposes, not *execution*. There is no evidence of intentional harmful behavior, data exfiltration, unauthorized persistence, or malicious prompt injection against the agent in the provided files. The instructions are transparent and align with the stated purpose of a security scanner.
能力评估
Purpose & Capability
The advertised scanner purpose is coherent with threat-pattern detection, runtime guards, ClamAV, audit logging, and the SECURITY.md explanation that sensitive strings are detection signatures.
Instruction Scope
The runtime instructions go beyond the packaged skill by directing users to clone a third-party GitHub repository, run its scanner against chosen paths, and optionally enable runtime protection, cron scans, and alerting.
Install Mechanism
The package is documentation-only and does not include the runnable scanner code; installation relies on an unpinned git clone with no commit, checksum, or reviewed source bundled in the artifact.
Credentials
A scanner may reasonably inspect code and sensitive-path patterns, but the claims of zero supply-chain risk and stdlib-only operation are under-disclosed alongside ClamAV integration, Telegram alerting, and external repository execution.
Persistence & Privilege
Daily cron scanning is disclosed and optional, but it would create recurring background reads of whatever paths the user configures.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-shield - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-shield触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.3
Add SECURITY.md explaining scanner purpose and addressing false positive concerns
v1.0.2
Re-release with proper README and description
v1.0.1
Improved summary and description for better discoverability
v1.0.0
Initial public release - Enterprise security infrastructure for AI agents. Static scanner + runtime guard + ClamAV integration + audit logging.
元数据
常见问题
OpenClaw Shield 是什么?
Enterprise AI security scanner using static analysis, runtime guards, and ClamAV to detect credential theft, data leaks, malware, and ensure audit logging. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 4328 次。
如何安装 OpenClaw Shield?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-shield」即可一键安装,无需额外配置。
OpenClaw Shield 是免费的吗?
是的,OpenClaw Shield 完全免费(开源免费),可自由下载、安装和使用。
OpenClaw Shield 支持哪些平台?
OpenClaw Shield 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OpenClaw Shield?
由 pfaria32(@pfaria32)开发并维护,当前版本 v1.0.3。
推荐 Skills