Total downloads: 97
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install rules-of-the-claw
Description
A strong, field-tested Guardian baseline for OpenClaw Guardian — 56 deterministic rules protecting against credential theft, data exfiltration, network scann...
Safe usage recommendations
What to check before installing:
- Verify origin: the package metadata and docs contain inconsistent GitHub URLs and placeholders (YOUR_ORG). Prefer installing only from a trusted repository (e.g., an official GitHub repo) or inspect the files first.
- Inspect rules-of-the-claw.json yourself: open the JSON and look for placeholder values (YOUR_APP, YOUR_ORG, YOUR_USER). Replace placeholders or adjust enabled/disabled flags before deploying to production to avoid accidentally blocking needed actions.
- Note the installer requires Node.js (install.sh checks for node) even though docs mention python3; ensure Node v18+ is present.
- The installer overwrites ~/.openclaw/extensions/guardian/guardian-rules.json but creates a timestamped backup. Keep the backup or merge rules if you have custom rules.
- Because the skill is a security rulepack that can block commands, test in a safe environment first to confirm it doesn't block legitimate workflows you rely on.
- The docs contain an example prompt-injection string; this is explanatory, but avoid running any untrusted automated prompt evaluation that might use those strings without sanitization.
If you are comfortable with the origin after inspection and have tested the rules, the installer flow appears safe to run.
Functional analysis
Type: OpenClaw Skill
Name: rules-of-the-claw
Version: 1.0.0
The skill is a defensive security bundle providing 56 regex-based rules for the OpenClaw Guardian plugin to restrict dangerous agent behaviors. The rules effectively target credential theft (e.g., blocking access to .env, .ssh, and cloud keys), data exfiltration (e.g., blocking pipes to curl/wget or known webhook sites), and infrastructure destruction. The install.sh script is a standard installer that performs local backups and validation of the rules-of-the-claw.json file without any suspicious remote calls or obfuscation.
Capability assessment
Purpose & Capability
The skill claims to provide deterministic Guardian rules and includes a rules JSON plus an installer that copies that JSON into ~/.openclaw/extensions/guardian/guardian-rules.json — this matches the stated purpose. Small inconsistencies: SKILL.md/README mention python3 for JSON validation while the installer actually requires Node.js (the script checks for node). The repository/homepage fields contain placeholders and inconsistent upstream URLs (YOUR_ORG vs bahuleyandr), so origin authenticity is unclear.
Instruction Scope
Runtime instructions are limited to installing Guardian rules, backing up any existing rules file, validating JSON/regex, and printing usage. They do not request credentials or exfiltrate data. However, SKILL.md contains a prompt-injection pattern ('ignore-previous-instructions') as part of a discussion about LLM voting bypass; this is a documented example rather than an active exploit, but it triggered the scanner and is worth reviewing.
Install Mechanism
No network downloads or remote code execution: install.sh copies the bundled JSON into the Guardian config directory, performs local validation using Node, and creates a timestamped backup of any existing rules file. Nothing is extracted from arbitrary URLs, and no third-party packages are installed.
Credentials
The skill declares no required env vars, credentials, or config paths. The rules themselves are designed to protect credential paths rather than request secrets. Nothing in the files requests unrelated credentials or secret environment variables.
Persistence & Privilege
The skill does write to the Guardian rules file (~/.openclaw/extensions/guardian/guardian-rules.json) which is expected for a ruleset. It does not request always:true or modify other skills' configs. Note: installing will overwrite the existing rules file (the installer makes a backup), so installing replaces any custom rules unless you merge them first.
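How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box:
/install rules-of-the-claw
- Once installation completes, invoke the Skill directly by name or trigger it with /rules-of-the-claw
- Provide the required input according to the Skill's parameter description to get structured output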
Version history
v1.0.0
Initial release: 56 deterministic, regex-based Guardian rules for OpenClaw
Covers credential theft, data exfiltration, infrastructure destruction, network scanning, and git poisoning
Zero LLM dependency — rules execute at the tool layer, microsecond latency, no prompt injection attack surface
Works out of the box; three presets (minimal / standard / strict) for different risk tolerances
Per-app and per-org exceptions supported via JSON config
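FAQ
What is Rules of the Claw?
A strong, field-tested Guardian baseline for OpenClaw Guardian — 56 deterministic rules protecting against credential theft, data exfiltration, network scann... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 97 total downloads so far.
How do I install Rules of the Claw?
Run the command "/install rules-of-the-claw" in the OpenClaw or Claude Code chat box to install it in one step, with no additional configuration required.
Is Rules of the Claw free?
Yes, Rules of the Claw is completely free and is released under the MIT-0 license; it can be freely downloaded, installed and used.
Which platforms does Rules of the Claw support?
Rules of the Claw is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Rules of the Claw?
It is developed and maintained by Bahuleyan (@bahuleyandr); the current version is v1.0.0.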