← 返回 Skills 市场
wow-leeroy-jenkins05

Shoofly Basic

作者 wow-leeroy-jenkins05 · GitHub ↗ · v1.3.0 · MIT-0
cross-platform ✓ 安全检测通过
227
总下载
1
收藏
0
当前安装
8
版本数
在 OpenClaw 中安装
/install shoofly-basic
功能描述
Real-time security monitor for AI agents. Watches every tool call, flags threats, and alerts you before damage is done. Works with OpenClaw and Claude Code....
安全使用建议
This skill appears to do what it says: passively monitor tool calls, run pattern checks, log results to ~/.shoofly/logs/alerts.log, and notify via configured channels. Before installing, review and consider: 1) Logs will include full tool arguments and outputs — these can contain secrets; ensure the log file location and permissions are acceptable or modify the SKILL to redact sensitive fields. 2) The notifier will read ~/.shoofly/config.json and ~/.openclaw/openclaw.json and may use any notification tokens found there (e.g., Telegram bot token) to send alerts — verify those configs and tokens before enabling. 3) The script tries to send alerts through the user's configured channels (openclaw, Telegram, WhatsApp) which will cause data to leave the machine if those channels are configured. 4) The skill is passive (does not block), so you should still enforce guardrails for high-risk actions. If you want stronger guarantees, consider removing sensitive channels or ensuring logs are encrypted/ACL-restricted, and inspect ~/.shoofly/config.json and ~/.openclaw/openclaw.json to confirm what will be used for delivery.
功能分析
Type: OpenClaw Skill Name: shoofly-basic Version: 1.3.0 The skill functions as a defensive security monitor designed to detect prompt injection, tool response injection, and unauthorized data exfiltration. The SKILL.md provides a detailed threat checklist for the agent to evaluate its own actions, while bin/shoofly-notify.sh implements a robust notification system across multiple platforms (macOS/Linux/Windows) and messaging services (Telegram, WhatsApp, Discord). The shell script demonstrates security-conscious coding practices, such as using Python for safe JSON encoding of UI notifications and verifying that log files are not symlinks before writing.
能力评估
Purpose & Capability
The name/description (real-time monitor that flags tool calls) align with the included SKILL.md and the helper script. Required binaries (jq, curl) are reasonable for parsing JSON and sending HTTP requests/notifications. No unrelated credentials, installs, or surprising binaries are requested.
Instruction Scope
Instructions require the agent to capture tool name, arguments, and outputs and append them (JSONL) to ~/.shoofly/logs/alerts.log and to run pattern checks on the content. That is consistent with monitoring, but it means potentially sensitive data (secrets, API keys, full tool outputs) will be recorded unencrypted on disk and may be sent to configured channels. The instructions do not instruct reading unrelated system files, but they do read agent config (~/.shoofly/config.json) and offer to inspect ~/.openclaw/openclaw.json for channel discovery.
Install Mechanism
No install spec; this is instruction + a small bash helper included in the bundle. No downloads or archive extraction. The ship contains a single shell script whose behavior is visible and straightforward.
Credentials
The skill requests no environment variables and only requires jq/curl. It does read user config files (~/.shoofly/config.json and ~/.openclaw/openclaw.json) and may use tokens found there (telegram.bot_token, etc.) to deliver messages — which is consistent with its notification role but means those credential-containing configs will be read and used if present. The script takes precautions (mkdir, chmod 700, refuse symlink) but will still cause data to traverse configured channels.
Persistence & Privilege
The skill is not always:true, does not request system-wide config changes, and only writes to its own ~/.shoofly/ directory. It does read other agent config (~/.openclaw/) for channel discovery, which is reasonable for a notifier but worth noting. It does not autonomously block actions (explicitly passive).
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install shoofly-basic
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /shoofly-basic 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.3.0
v2: Claude Code runtime support — PostToolUse hook, install-claude-code.sh, same threat policy as OpenClaw
v1.2.6
Remove verbatim threat-pattern strings from SKILL.md to clear false-positive flags from security scanners (VirusTotal, OpenClaw). Detection logic unchanged — descriptions now use semantic language instead of literal attack strings.
v1.2.5
Added upsell path to Shoofly Advanced in listing description
v1.2.4
v1.2.4: Fix P0 bug — shoofly-notify auto mode was crashing (local outside function). SKILL.md: fix setup path, add auto channel docs, remove phantom PI-009 ref. Log entries now include type:notification field. PATH tip added to installer.
v1.2.3
v1.2.3: Improved description for discoverability. Added tags: tool-monitoring, runtime-security, jailbreak-detection, data-exfiltration.
v1.2.2
v1.2.2: OpenClaw-native notifications — auto-discovers configured channels (Telegram, WhatsApp, Discord), writes directly to active terminal TTYs, cross-platform desktop (macOS/Linux/Windows). Fixes: JSON injection in install.sh (jq --arg), BASE_URL pinned to tagged release, NDJSON log format, PowerShell stdin injection (SN-01 CRITICAL), shell injection in legacy paths (SN-02 HIGH), control-char TTY sanitization (SN-03), log dir permissions (SN-04). QA: Probe 7/7 + Sentinel PASS WITH NOTES.
v1.2.0
v1.2.0: Gateway notification always-on (fires before user channels, no config needed). Manifest fix: bin/shoofly-notify.sh now correctly bundled. Scanner false positive fix: threat checklist references policy/threats.yaml patterns instead of verbatim strings. Security: JSON-encoding mandate for gateway POST dynamic fields.
v1.1.0
v1.1.0: Bundled shoofly-notify, expanded credential detection, 4 new threat patterns, fixed OSW-001, Setup section, policy freeze docs, ReDoS fix, expanded log format.
元数据
Slug shoofly-basic
版本 1.3.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 8
常见问题

Shoofly Basic 是什么?

Real-time security monitor for AI agents. Watches every tool call, flags threats, and alerts you before damage is done. Works with OpenClaw and Claude Code.... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 227 次。

如何安装 Shoofly Basic?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install shoofly-basic」即可一键安装,无需额外配置。

Shoofly Basic 是免费的吗?

是的,Shoofly Basic 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Shoofly Basic 支持哪些平台?

Shoofly Basic 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Shoofly Basic?

由 wow-leeroy-jenkins05(@wow-leeroy-jenkins05)开发并维护,当前版本 v1.3.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论