ShieldCortex
Author: jarvis-drakon · v4.12.11 · MIT-0
Total downloads: 1504
Favorites: 1
Current installs: 6
Versions: 56
Install in OpenClaw
/install shieldcortex
Description
Persistent memory and security system for AI agents. Stores memories with semantic search, knowledge graphs, and decay. Scans agent inputs/outputs for prompt...
Security usage recommendations
ShieldCortex appears to implement the memory+scan features it claims, but it requires broad read access to agent/project config files (including $CWD/.env) and can modify other agents' config to register lifecycle hooks. It also falls back to running 'npx -y shieldcortex', which will fetch and run code from npm on first use. Before installing:
1) Review the bundled runtime files yourself (they are included) and confirm you trust the upstream package on npm/GitHub.
2) Do not enable cloud sync or supply a cloud API key unless you trust the service and its team.
3) If you want to avoid network/supply-chain risk, install the shieldcortex binary from a vetted source ahead of time and set binaryPath/SHIELDCORTEX_ROOT so the plugin uses a known local binary.
4) Be cautious about auto-enable options that modify ~/.claude or other agent configs: back up those files first and require explicit consent to change them.
5) If you store secrets in project .env files, consider removing them or restricting access before allowing this skill to scan them.
If you want a lower-risk posture, prefer a version that only uses the bundled runtime without on-demand npx installs and that does not auto-write other agents' settings.
Functional analysis
Type: OpenClaw Skill
Name: shieldcortex
Version: 4.12.11
The ShieldCortex bundle provides a legitimate persistent memory and security auditing system for AI agents. While it requests broad filesystem access (reading .env files and various agent configuration directories like ~/.claude and ~/.cursor), these actions are clearly documented and aligned with its stated purpose of scanning for credential leaks and prompt injection. The code uses execFile for process execution and includes a cloud sync feature that is disabled by default and requires a user-provided API key. No evidence of obfuscation, intentional data exfiltration, or malicious prompt injection was found in index.js, runtime.mjs, or the markdown files.
Capability tags
Capability assessment
Purpose & Capability
Name/description claim persistent memory + security scanning; the bundled plugin and hook implement exactly that: memory extraction, semantic storage, and realtime scanning. The declared filesystem paths (agent config dirs and project files) and optional cloud sync align with the stated purpose. The only surprising capabilities are explicit read access to $CWD/.env and the claim that the skill will modify MCP/agent settings (e.g., ~/.claude/settings.json and ~/.claude/mcp.json) during setup — these are explainable for a memory/security integrator but are higher-privilege than a simple formatter or UI plugin.
Instruction Scope
SKILL.md and bundled code instruct the agent to read many agent/project config locations and to scan .env for leaked secrets. Those file reads are declared, but reading dot-env files can expose secrets unrelated to the plugin's core function. The skill also registers lifecycle handlers in other agents' settings (e.g., ~/.claude/settings.json) which changes agent behavior system-wide. The runtime code dynamically locates or falls back to running shieldcortex via npx, meaning network fetch/execution happens on first use unless a local binary is installed.
Install Mechanism
There is no formal install spec; the runtime falls back to executing 'npx -y shieldcortex' (and the HOOK.md explicitly says 'installs automatically on first use via npx -y shieldcortex'). That causes on-demand downloads from npm at runtime, which is higher risk than only using bundled code. The package does bundle runtime code locally, but the code path still prefers global installs or npx which can pull remote code. This dynamic-install behaviour should be considered a notable supply-chain risk unless you control or vet the registry and package release process.
Credentials
The skill declares no required environment variables and only optional config vars (SHIELDCORTEX_CONFIG_DIR, SHIELDCORTEX_API_KEY, etc.). That is proportional. However the code explicitly reads $CWD/.env and other project config files to scan for leaked secrets; while justified by the 'env-scanner' purpose, this gives the skill access to potentially sensitive credentials stored in project env files. The plugin also allows a cloudApiKey option for optional cloud sync — that is reasonable but also increases risk if enabled.
Persistence & Privilege
The skill is not force-installed (always:false) and allows autonomous invocation (default). It writes to its own config dir (~/.shieldcortex/) which is expected, but it also may modify MCP/agent config files (e.g., ~/.claude/mcp.json and ~/.claude/settings.json) to register lifecycle hooks. Modifying other agents' settings is powerful and can change agent behavior system-wide; this is a legitimate integration step but is a persistence/privilege escalation vector that users should explicitly approve and monitor.
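How to use
- Make sure OpenClaw is installed (locally or via Docker).
- Enter the install command in the chat box: /install shieldcortex
- Once installation finishes, call the Skill by name or trigger it with /shieldcortex
- Provide the required inputs according to the Skill's parameter description to get structured output.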
Version history
v4.12.11
Auto-sync from npm publish v4.12.11
v4.12.10
Auto-sync from npm publish v4.12.10
v4.12.9
Auto-sync from npm publish v4.12.9
v4.12.8
Auto-sync from npm publish v4.12.8
v4.12.7
Auto-sync from npm publish v4.12.7
v4.12.6
Auto-sync from npm publish v4.12.6
v4.12.5
Auto-sync from npm publish v4.12.5
v4.12.4
Auto-sync from npm publish v4.12.4
v4.12.3
Auto-sync from npm publish v4.12.3
v4.12.2
Auto-sync from npm publish v4.12.2
v4.12.1
Auto-sync from npm publish v4.12.1
v4.12.0
Auto-sync from npm publish v4.12.0
v4.11.1
Auto-sync from npm publish v4.11.1
v4.11.0
Auto-sync from npm publish v4.11.0
v4.10.7
Auto-sync from npm publish v4.10.7
v4.10.6
Auto-sync from npm publish v4.10.6
v4.10.5
Auto-sync from npm publish v4.10.5
v4.10.4
Auto-sync from npm publish v4.10.4
v4.10.3
Auto-sync from npm publish v4.10.3
v4.10.2
Auto-sync from npm publish v4.10.2
Metadata
FAQ
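What is ShieldCortex?
Persistent memory and security system for AI agents. Stores memories with semantic search, knowledge graphs, and decay. Scans agent inputs/outputs for prompt... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 1504 cumulative downloads to date.
How do I install ShieldCortex?
Run the command "/install shieldcortex" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is needed.
Is ShieldCortex free?
Yes. ShieldCortex is completely free and is released under the MIT-0 license; it can be freely downloaded, installed, and used.
Which platforms does ShieldCortex support?
ShieldCortex is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed ShieldCortex?
It is developed and maintained by jarvis-drakon (@jarvis-drakon); the current version is v4.12.11.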