
OpenClaw Safety Guard

Author: John-niu-07 · GitHub · v1.0.1 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 283
Favorites: 0
Current installs: 0
Number of versions: 2
Install in OpenClaw
/install safety-guard-skill
Description
Security guard skill for OpenClaw - Analyzes user input for harmful content, risky commands, and security threats before invoking LLM
Safe-use advice
Do not install or run this skill as-is. The package contains only documentation and conflicting metadata: there is no CLI binary or source code even though the README shows CLI usage and a pip install hint. Steps to take before trusting this skill:
  1. Ask the publisher for the actual source code or executable and a reproducible install manifest (e.g., pip package or GitHub release).
  2. Verify the repository and owner identity (the included _meta.json has mismatched owner/slug/version info).
  3. If you obtain code, review it for any network calls or credential exfiltration (it references many model API keys and optional third-party tokens).
  4. Prefer skills that include code or a vetted install mechanism from a trusted source.
If you must test, do so in an isolated environment and avoid supplying real API keys or sensitive files until you confirm the implementation.
Functional analysis
Type: OpenClaw Skill
Name: safety-guard-skill
Version: 1.0.1
The skill bundle is suspicious because it describes a 'Safety Guard' tool in SKILL.md that is meant to intercept and analyze all user input, yet it fails to provide the actual implementation code or script for the 'safety-guard' command. Furthermore, the documentation references non-existent LLM models (e.g., 'gpt-5.2' and 'gemini-3-flash-preview') and requests a wide range of sensitive API keys, which are common indicators of deceptive or low-quality packages that could facilitate data interception.
Capability assessment
Purpose & Capability
The SKILL.md describes a CLI tool (examples like `safety-guard ...`) and references Python + PyYAML installation, but the published package contains no code files or executable. The registry metadata lists python3 as a required binary but provides no actual binary or script. This incoherence (a claimed tool with no implementation) is unexpected and unexplained.
Instruction Scope
Instructions describe reading URLs and local files (e.g., /path/to/file.pdf) and a config path (~/.safety-guard/config.json), which is reasonable for a content-scanning tool, but the SKILL.md is high-level and presumes a runtime component that isn't present. It also mentions optional services (FIRECRAWL, APIFY) and many model API keys — these would enable network access and third-party services if implemented, but the actual behavior is unknown because no code is included.
Install Mechanism
Registry shows 'no install spec', yet SKILL.md metadata contains an install hint (pip install PyYAML). That discrepancy means there is no verified, repeatable installation path included with the published skill. Lack of a proper install manifest for a tool that claims to be a CLI is a red flag.
Credentials
The registry lists no required environment variables, but SKILL.md instructs users to set multiple provider API keys (OPENAI_API_KEY, ANTHROPIC_API_KEY, XAI, GEMINI_API_KEY and optional FIRECRAWL/APIFY tokens). Requiring numerous unrelated provider keys is plausible for a multi-model guard, but the package does not declare or justify those env requirements, increasing the risk of unexpected credential use if an implementation is obtained elsewhere.
Persistence & Privilege
The skill does not request 'always: true' and is user-invocable only. It does reference an optional config file under the user's home directory, which is normal for CLI tools. There is no evidence here of the skill attempting to modify other skills or request persistent elevated privileges.
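How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install safety-guard-skill
  3. Once installation completes, call the Skill by name or trigger it with /safety-guard-skill
  4. Provide the required input according to the Skill's parameter description to get structured output
Version history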
v1.0.1
Updated description and metadata
v1.0.0
Initial release
Metadata
Slug safety-guard-skill
Version 1.0.1
License MIT-0
Cumulative installs 0
Current installs 0
Number of versions 2
FAQ

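What is OpenClaw Safety Guard?

Security guard skill for OpenClaw - Analyzes user input for harmful content, risky commands, and security threats before invoking LLM. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 283 cumulative downloads to date.

How do I install OpenClaw Safety Guard?

Run the command "/install safety-guard-skill" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is required.

Is OpenClaw Safety Guard free?

Yes, OpenClaw Safety Guard is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does OpenClaw Safety Guard support?

OpenClaw Safety Guard is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed OpenClaw Safety Guard?

It is developed and maintained by John-niu-07 (@john-niu-07); the current version is v1.0.1.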