0xbeekeeper

AgentGuard

Author: GoPlus · GitHub · v1.0.12 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 2101
Favorites: 4
Current installs: 20
Versions: 6
Install in OpenClaw:
/install security
Description
GoPlus AgentGuard — AI agent security guard. Run /agentguard checkup for a full security health check, scans all installed skills, checks credentials, permis...
Safe-use recommendations
This skill is an on-agent security auditor and appears coherent with that purpose, but it will run Node scripts and system inspection commands that touch sensitive locations (e.g., ~/.openclaw, ~/.claude, ~/.ssh, ~/.gnupg) and will write audit logs to ~/.agentguard. Before installing or running: (1) review the bundled scripts (you have them) and ensure you trust the source code (the package tries to import a local 'dist' or '@goplus/agentguard'); (2) do not set GOPLUS_API_KEY/GOPLUS_API_SECRET unless you want Web3 simulation and trust the remote API; (3) keep AGENTGUARD_AUTO_SCAN unset unless you want opt-in session auto-scans (it is off by default); (4) be aware the scanner will enumerate files and environment variables for secret scanning — if you need stricter limits, audit/modify the SKILL.md/script behaviors before use. Overall the tool's requested accesses and behavior match a legitimate security scanner, but you should verify the code and run in a controlled environment first.
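A pre-install review helper that follows the four steps above, added here as an example (it is not AgentGuard's or GoPlus's code). It assumes the skill is unpacked into a local directory containing SKILL.md and scripts/, and uses only the sensitive paths and opt-in variable names this listing mentions.

```shell
#!/bin/sh
# Added example: pre-install review of an unpacked OpenClaw skill bundle.
# Not part of AgentGuard; assumes the bundle directory holds SKILL.md and scripts/.

# Sensitive locations and opt-in variables named in the listing's safe-use advice.
SENSITIVE_PATHS='~/.ssh ~/.gnupg ~/.openclaw ~/.claude ~/.agentguard'
OPT_IN_VARS='AGENTGUARD_AUTO_SCAN GOPLUS_API_KEY GOPLUS_API_SECRET'

# Print every sensitive path referenced anywhere in the bundle (docs and scripts),
# so the documented scope (e.g. "stat-only") can be compared with actual references.
referenced_sensitive_paths() {
  bundle=$1
  for p in $SENSITIVE_PATHS; do
    grep -rqF -- "$p" "$bundle" && printf '%s\n' "$p"
  done
  return 0
}

# Print the opt-in variables currently set in this shell; the advice is to keep
# them unset unless auto-scan or Web3 simulation is wanted deliberately.
set_opt_in_vars() {
  for v in $OPT_IN_VARS; do
    eval "val=\${$v:-}"
    [ -n "$val" ] && printf '%s\n' "$v"
  done
  return 0
}

# Succeed only if a `node --version` string (e.g. v18.19.0) is major version 18 or newer.
node_is_recent_enough() {
  major=${1#v}
  major=${major%%.*}
  [ "$major" -ge 18 ] 2>/dev/null
}

# List the bundled Node/TypeScript scripts the agent may execute, to be read before trusting.
list_bundled_scripts() {
  find "$1/scripts" -type f \( -name '*.js' -o -name '*.ts' \) 2>/dev/null | sort
}

# Usage: sh review-skill.sh /path/to/unpacked/skill
if [ "$#" -gt 0 ]; then
  echo "Sensitive paths referenced:"; referenced_sensitive_paths "$1"
  echo "Opt-in variables currently set:"; set_opt_in_vars
  echo "Bundled scripts to read before trusting:"; list_bundled_scripts "$1"
  node_is_recent_enough "$(node --version 2>/dev/null || echo v0)" || echo "Node 18+ required"
fi
```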
Functional analysis
Type: OpenClaw Skill
Name: security
Version: 1.0.12
The bundle is a comprehensive security framework (GoPlus AgentGuard) designed to audit AI agents, but it is classified as suspicious due to its high-privilege requirements and broad system access. It requests read access to sensitive directories including ~/.ssh/ and ~/.gnupg/ (SKILL.md), and it has the capability to modify system persistence via cron jobs (patrol-checks.md). While these actions are aligned with its stated purpose of security auditing and credential safety checks, the bundle possesses the inherent capability to access private keys and execute arbitrary shell commands via its bundled scripts (scripts/action-cli.ts, scripts/trust-cli.ts). The inclusion of a complex HTML report generator that automatically opens a browser (scripts/checkup-report.js) further increases the functional risk profile of the skill.
Capability tags
crypto, requires-wallet, requires-sensitive-credentials, posts-externally
Capability assessment
Purpose & Capability
Name/description (agent security guard / health check / scanning installed skills) align with the files, docs, and allowed commands. The skill legitimately needs to discover installed skills, inspect config files and system state, and run node scripts to produce reports. Optional GOPLUS_API_KEY / GOPLUS_API_SECRET are declared for Web3 simulation only.
Instruction Scope
SKILL.md and patrol-checks.md explicitly target agent-related paths (~/.claude, ~/.openclaw, ~/.qclaw, $OC) and list stat/permission checks for ~/.ssh and ~/.gnupg. The allowed tools list permits system inspection commands (ss/lsof/ufw/iptables/find/stat/env). There is a small mismatch to note: SKILL.md claims '~/.ssh/' and '~/.gnupg/' are checked with stat-only (no key content read), while some patrol-check steps (find, file modification checks) will enumerate files in those directories and other docs reference scanning workspace files for secret patterns — this is consistent with an audit tool but does broaden scope beyond pure stat-only checks.
Install Mechanism
No external download/install spec is provided (instruction-only), reducing install-time risk. The bundle contains Node scripts that import a local dist path or the '@goplus/agentguard' package; this is a normal design (fallback to local engine or packaged dependency). Consumers should ensure Node 18+ and dependencies are from a trusted environment before executing.
Credentials
The skill requests no required secrets and declares GOPLUS_API_KEY / GOPLUS_API_SECRET as optional for enhanced Web3 simulation, which is proportionate to the described Web3 features. Runtime scripts do read process.env for opt-in gating (e.g., AGENTGUARD_AUTO_SCAN) — expected for an opt-in auto-scan hook.
Persistence & Privilege
always is false and there is no automatic always-on installation. The bundle writes to ~/.agentguard for audit logs and config (explicitly declared), which is appropriate for an auditing tool. The auto-scan hook is gated by AGENTGUARD_AUTO_SCAN and does not run by default.
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install security
  3. After installation, call the Skill by name directly or trigger it with /security
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history
v1.0.12
- Added scripts directory with required files for registry and trust management.
- Improved documentation for safer script execution: always resolve the absolute path for scripts/ and cd into the skill directory before running commands.
- Updated allowed-tools to include Write and Bash(node *) for improved compatibility.
- Enhanced filesystem-access section to document required read/write permissions for audit and configuration.
- Removed scripts/package.json; split lockfiles for better node_modules management.
v1.0.11
- The description now highlights the new /agentguard checkup feature: a full agent security health check that scans all installed skills, checks credentials, permissions, and network exposure, then delivers an HTML report.
- Emphasized checkup as a primary use case alongside scanning code, blocking risky commands, and evaluating runtime actions.
- No changes were made to functionality, command structure, or detection rules.
- Documentation is now clearer for users about running agent security checkups and receiving actionable reports.
v1.0.10
**AgentGuard v1.0.10 adds security patrol and checkup features, expands tooling, and reorganizes scripts.**
- Added daily security patrol subcommand for OpenClaw environments and included `patrol-checks.md`.
- Introduced `checkup` command for comprehensive agent health checks and HTML reporting (new script: `scripts/checkup-report.js`).
- Updated allowed tools: Bash access to security/system/checkup tools (e.g., `openclaw`, `ss`, `lsof`, `ufw`, `iptables`, etc.) for patrol and checkup support.
- Expanded SKILL.md routing for new subcommands; updated description and metadata version to 1.1.
- Removed old scripts and lockfiles; added `.clawignore` and updated documentation.
- README.md and patrol documentation added for better usability and user guidance.
v1.0.4
### Security
- Auto-scan is now **opt-in** (disabled by default) to address ClawHub security review
- Claude Code: requires `AGENTGUARD_AUTO_SCAN=1` environment variable
- OpenClaw: requires `{ skipAutoScan: false }` when registering the plugin
- Auto-scan now operates in **report-only mode** — scans skills and reports results to stderr, but no longer calls `forceAttest` or modifies the trust registry
- Audit log (`~/.agentguard/audit.jsonl`) no longer records code snippets, evidence details, or scan summaries — only skill name, risk level, and risk tag names
### Removed
- `forceAttest` calls from `auto-scan.js` and `openclaw-plugin.ts`
- `inferCapabilities`, `determineTrustLevel`, `riskToTrustLevel` helpers from OpenClaw plugin (no longer needed)
v1.0.3
- Initial release of in-skill agent security scripts and utilities.
- Added dedicated scripts for action evaluation (`action-cli.ts`), auto-scan, trust management (`trust-cli.ts`), and registry data storage.
- Introduced explicit trust workflow: registration now always uses AgentGuard's own scripts, never untrusted code from scanned targets.
- Updated documentation and skill metadata for Node.js 18+ compatibility and optional GoPlus Web3 API usage.
- Enhanced post-scan trust registration: requires explicit user confirmation and displays exact command before execution.
- Included web3-patterns and evaluation documentation for improved transparency and traceability.
v0.1.0
agentguard v0.1.0 changelog:
- Initial release of GoPlus AgentGuard skill for AI agent security.
- Supports scanning codebases for 24 types of security risks with detailed detection and output.
- Enables security report generation with actionable summaries and trust registration flow for skills.
- Includes runtime action safety evaluation for commands, file/network/web3 requests, and secret access.
- Adds trust management and security event reporting capabilities.
Metadata
Slug: security
Version: 1.0.12
License: MIT-0
Cumulative installs: 21
Current installs: 20
Number of versions: 6
FAQ

What is AgentGuard?

GoPlus AgentGuard — AI agent security guard. Run /agentguard checkup for a full security health check, scans all installed skills, checks credentials, permis... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 2101 cumulative downloads so far.

How do I install AgentGuard?

Run the command "/install security" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.

Is AgentGuard free?

Yes. AgentGuard is completely free, released under the MIT-0 license, and can be downloaded, installed and used freely.

Which platforms does AgentGuard support?

AgentGuard runs cross-platform: it can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed AgentGuard?

Developed and maintained by GoPlus (@0xbeekeeper); current version v1.0.12.
