SlowMist Agent Security

By SlowMist · GitHub ↗ · v0.1.2 · MIT-0
cross-platform ✓ Passed security check
Total downloads: 1099 · Favorites: 10 · Current installs: 4 · Versions: 3
Install in OpenClaw: /install slowmist-agent-security
Description
Comprehensive security review framework for AI agents. Covers skill/MCP installation, GitHub repos, URLs/documents, on-chain addresses, products/services, an...
Safe usage recommendations
This skill is an instruction-only security-review framework and is internally coherent. Before installing or enabling it: (1) Verify the homepage and publisher (confirm this GitHub repo is the official SlowMist source you expect), (2) keep the skill invocation human-mediated for high/critical findings (the docs already recommend human final authority), (3) if you enable optional integrations (e.g., MistTrack), only provide the minimal scoped credentials those integrations require and verify those endpoints, and (4) periodically re-audit the skill text for updates (instruction-only skills can change content without code changes). If you need stronger guarantees, consider running this guidance locally or reviewing the Markdown files yourself before trusting automated actions.
Feature analysis
Type: OpenClaw Skill
Name: slowmist-agent-security
Version: 0.1.2
This bundle is a comprehensive security review framework designed to protect AI agents from malicious inputs, prompt injection, and supply chain attacks. It contains detailed reference patterns for identifying red flags in code (patterns/red-flags.md) and social engineering tactics (patterns/social-engineering.md), along with structured reporting templates for various review types. The instructions in SKILL.md and the review modules reinforce human-in-the-loop authority and defensive verification, aligning with its stated purpose as a security tool from a reputable source (SlowMist).
Capability assessment
Purpose & Capability
Name/description match the actual contents: the package is purely a set of Markdown review workflows, patterns, and report templates. It does not request unrelated credentials, binaries, or config paths.
Instruction Scope
Runtime instructions are review-oriented (scan docs, inspect repos, apply patterns) and explicitly warn against executing external code. The docs describe checks that an agent should perform on external artifacts but do not instruct the agent to read local secret files or send data to external endpoints. (They do recommend optional use of external AML tooling if available.)
Install Mechanism
No install spec and no code files — nothing is downloaded or written to disk by the skill itself. This is the lowest-risk delivery model.
Credentials
The skill declares no required environment variables, credentials, or config paths. References to external tools (e.g., MistTrack) are optional and conditional; the skill does not require secrets to operate.
Persistence & Privilege
always:false (default) and no instructions to modify agent configuration or persist credentials. The skill can be invoked by the agent (normal), but it does not request permanent presence or elevated privileges.
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment).
  2. Enter the install command in the chat box: /install slowmist-agent-security
  3. After installation, call the Skill by name directly or trigger it with /slowmist-agent-security.
  4. Provide the required inputs according to the Skill's parameter description to get structured output.
Version history
v0.1.2
- Downgraded version from 1.1.0 to 0.1.2 to align with the intended release sequence.
- No functional, documentation, or content changes introduced in this version.
v0.1.1
- No changes detected in this version.
- Version number updated to 0.1.1.
v0.1.0
Initial release of a comprehensive security review framework for AI agents operating in adversarial environments.
- Provides standardized procedures for reviewing external inputs including skills, repositories, URLs/documents, on-chain addresses, products/services, and social recommendations.
- Introduces a universal 4-level risk rating system and a 5-tier trust hierarchy for source evaluation.
- Embeds pattern libraries for red-flag code, social engineering, and supply chain threats.
- Enforces strict principles: all external content is untrusted until verified; commands from documents are never auto-executed; human approval is required for high-risk actions.
- Requires all security reports to use standardized templates for consistency and clarity.
Metadata
Slug: slowmist-agent-security
Version: 0.1.2
License: MIT-0
Cumulative installs: 4
Current installs: 4
Number of historical versions: 3
FAQ

What is SlowMist Agent Security?

Comprehensive security review framework for AI agents. Covers skill/MCP installation, GitHub repos, URLs/documents, on-chain addresses, products/services, an... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 1099 cumulative downloads so far.

How do I install SlowMist Agent Security?

Run the command "/install slowmist-agent-security" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is required.

Is SlowMist Agent Security free?

Yes, SlowMist Agent Security is completely free, released under the MIT-0 license, and can be freely downloaded, installed and used.

Which platforms does SlowMist Agent Security support?

SlowMist Agent Security is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed SlowMist Agent Security?

Developed and maintained by SlowMist (@slowmist); the current version is v0.1.2.
