musharsec

raigo agent firewall

Author: musharsec · GitHub · v1.0.3 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 144
Favorites: 0
Current installs: 0
Versions: 4
Install in OpenClaw: /install raigo-af
Description
RAIGO Agent Firewall — comprehensive AI security policy enforcement for OpenClaw agents. Covers all known prompt security attack vectors: prompt injection, j...
Safe-use recommendations
This SKILL.md appears to be a declarative ruleset for blocking prompt-injection and related attacks and is internally consistent with its description because it requires nothing and installs nothing. However, keep in mind: (1) it's only guidance — it protects you only if the agent actually follows these rules; it does not enforce platform-level or kernel-level protections. (2) The document instructs the agent to inspect and decode external content to detect obfuscation — this is necessary for detection but expands what the agent will parse; verify you are comfortable with that behavior. (3) Because the skill can be invoked autonomously by the agent (the platform default), decide whether you want automatic invocation enabled for this skill. (4) Review the full SKILL.md yourself for any steps that might send data to external endpoints or ask the agent to persist logs outside your control; although none are declared, the prose could include such instructions. If you need stronger guarantees (tamper-proof enforcement, centralized logging, or attestable execution), consider a platform-level guard or the vendor's managed/cloud offering and verify vendor provenance (raigo.ai docs link) before wide deployment.
Capability assessment
Purpose & Capability
Name and description claim a policy/ruleset for prompt security and the skill is an instruction-only SKILL.md with no binaries, env vars, or installs — that is coherent. The 'upgrade to raigo Cloud' claim merely describes a paid feature and is not required for the local ruleset.
Instruction Scope
The SKILL.md instructs the agent to inspect external content (web pages, files, emails, code comments) and to decode/normalize obfuscated payloads (Base64, hex, Unicode smuggling, etc.) before applying rules. That behavior is consistent with a detector firewall, but it expands the agent's effective read/processing scope (it will parse/decode hidden payloads). Review the full file for any instructions that would additionally collect or transmit the decoded content.
Install Mechanism
No install spec and no code files — lowest risk for arbitrary code being written or executed on the host. The skill is purely prose-driven.
Credentials
No environment variables, credentials, or config paths are requested — proportionate for a ruleset that claims to operate locally in the agent's decision flow.
Persistence & Privilege
The always flag is false, and the skill does not request elevated or persistent system-level privileges. It does not attempt to modify other skills or platform settings in the provided content.
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install raigo-af
  3. After installation, call the skill by name directly or trigger it with /raigo-af
  4. Provide the required inputs according to the skill's parameter description to get structured output
Version history
v1.0.3
- Expanded security coverage: now includes protections for indirect prompt injection, multi-agent attacks, supply chain threats, agent identity spoofing, memory poisoning, and more.
- Refined rule tiers: DENY (hard block), WARN (require human confirmation), and AUDIT (proceed but log/flag), with clearer escalation.
- Major improvements to prompt injection/jailbreak detection—including sophisticated obfuscation, encoded payloads, and persona/authority spoofing.
- Policies for blocking credential leaks, system prompt extraction, and blocking destructive or dangerous command execution clarified and strengthened.
- Cloud upgrade path now mentioned for custom organisation policies and audit logging.
- Out-of-the-box usage remains—no additional setup steps required.
v1.0.2
**Now ships with 7 baseline OWASP LLM Top 10 security rules embedded — instant protection, no setup required.**
- Immediate out-of-the-box protection: baseline rules are active on skill install, with no engine, compile step, or extra configuration needed.
- Blocks prompt injection, PII leakage, destructive actions, code injection, unverified tool use, financial actions, and AI overreliance.
- Full wording and enforcement responses for each rule are included directly in the skill documentation.
- Advanced (custom) policy and audit trail options are still available but now clearly separated from default usage.
v1.0.1
- Clarified that all install/setup commands must be run only by the human operator, not the agent.
- Updated prerequisites: now explicitly requires curl, node, and npm, and defines the default policy path in metadata.
- Split setup instructions into clear options for compiled and engine modes, with explicit guidance for each.
- Added a Data Handling section to explain what data is sent and where, especially for cloud mode.
- Improved instructions for agent evaluation workflow, emergency fallback behaviors, and policy updates.
- Tidied references and links for easier access.
v1.0.0
- Initial release of RAIGO Agent Firewall for OpenClaw agents.
- Enforces organizational security policies to block prompt injection, PII leakage, destructive commands, and OWASP LLM Top 10 risks.
- Supports two modes: compiled (no engine required, policy embedded in agent) and engine (real-time HTTP evaluation with audit trail).
- Clearly defined evaluation triggers: agent checks actions like shell commands, file changes, API calls, and sensitive data handling.
- Provides a default safe posture if no explicit policies are configured.
Metadata
Slug: raigo-af
Version: 1.0.3
License: MIT-0
Total installs: 0
Current installs: 0
Version count: 4
FAQ

What is raigo agent firewall?

RAIGO Agent Firewall — comprehensive AI security policy enforcement for OpenClaw agents. Covers all known prompt security attack vectors: prompt injection, j... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 144 total downloads so far.

How do I install raigo agent firewall?

Run the command "/install raigo-af" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.

Is raigo agent firewall free?

Yes, raigo agent firewall is completely free, released under the MIT-0 license, and can be freely downloaded, installed and used.

Which platforms does raigo agent firewall support?

raigo agent firewall is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed raigo agent firewall?

Developed and maintained by musharsec (@musharsec); the current version is v1.0.3.
