← 返回 Skills 市场
jaschadub

Symbiont

作者 Jascha · GitHub ↗ · v1.1.0 · MIT-0
cross-platform ✓ 安全检测通过
757
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install symbiont
功能描述
Zero-trust AI agent governance for OpenClaw. Adds ORGA runtime, Cedar policy enforcement, SchemaPin tool verification, ClawHavoc skill scanning, and cryptogr...
安全使用建议
This package appears to be internally consistent with its governance purpose, but before installing: (1) verify the Homebrew tap/formula (thirdkeyai/tap) and review its source (brew formula may pull code), (2) inspect the scripts yourself — they are simple shell scanners and a policy guard that write local audit logs (.symbiont/audit/tool-usage.jsonl) and do not exfiltrate data, (3) ensure jq is present as declared, and (4) if you plan to use it in production or on sensitive hosts, run the scanner (clawhavoc-scan.sh) and review the symbi binary source or use a vetted release (e.g., GitHub releases or a container) before giving it any elevated privileges.
功能分析
Type: OpenClaw Skill Name: symbiont Version: 1.1.0 The 'symbiont' skill bundle is a security governance framework for OpenClaw agents, providing tools for policy enforcement, audit logging, and malicious skill scanning. It includes 'clawhavoc-scan.sh', a defensive script that uses regex patterns to detect over 40 types of malicious behavior (e.g., reverse shells, credential theft), and 'policy-guard.sh', which implements a deny-list to block dangerous commands and access to sensitive paths like ~/.ssh or .env. The instructions in SKILL.md and SOUL-symbiont.md are explicitly designed to harden the agent's security posture and ensure compliance with zero-trust principles, with no evidence of malicious intent or data exfiltration.
能力评估
Purpose & Capability
Name/description (zero‑trust governance, Cedar, SchemaPin, ClawHavoc) match the included artifacts: SKILL.md describes governance workflows and the repo includes a scanner (clawhavoc-scan.sh), a policy guard (policy-guard.sh), references to SchemaPin and Cedar, and a Homebrew install of the symbi runtime. Nothing in the manifest asks for unrelated credentials, binaries, or config paths.
Instruction Scope
SKILL.md instructions focus on scaffolding governance files, writing/validating Cedar policies, verifying MCP tools via symbi if available, scanning skills locally, and querying local audit logs. The included scripts operate on local files and produce local JSONL audit entries; they do not contact external endpoints or instruct the agent to read unrelated system secrets.
Install Mechanism
Install uses a Homebrew formula (symbi) from a third‑party tap (thirdkeyai/tap). This is proportionate to the skill's stated need for the symbi runtime, but third‑party Homebrew taps are a moderate trust surface — users should validate the tap/formula source before installing on sensitive systems.
Credentials
The skill requires only jq (declared) and no environment variables or credentials. Scripts intentionally check for and avoid accessing deny-listed paths (.env, .ssh, .aws, etc.) and log to a local .symbiont/audit directory. There are no unexplained SECRET/TOKEN/PASSWORD requirements.
Persistence & Privilege
The skill does not request always:true, does not change other skills' configs, and only writes its own .symbiont/ scaffold and audit logs in the working directory. Autonomous invocation is allowed (platform default) but is not combined with broad, unexplained privileges here.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install symbiont
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /symbiont 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
1.1.0 Complete rewrite. Now delivers the full Symbiont governance stack for OpenClaw, matching capabilities of symbi-claude-code and symbi-gemini-cli. Three governance tiers: Awareness (audit logging), Protection (deny list), Governance (Cedar policies) ClawHavoc skill scanner with 40+ detection rules across 10 attack categories Cedar policy creation, editing, and validation SchemaPin MCP tool schema verification (ECDSA P-256, TOFU pinning) Symbiont DSL agent definition authoring and validation Cryptographic audit trails (JSONL) Dual-mode architecture: standalone (Mode A) and ORGA-managed (Mode B) Agent personas: symbi-governor (default), symbi-dev (DSL specialist) Cross-compatible .symbiont/local-policy.toml (works with Claude Code and Gemini CLI plugins) Reference docs for Cedar patterns and DSL syntax Companion SOUL.md on onlycrabs.ai
v1.0.2
Key updates from v1.4.0 → v1.5.0: - Description: Added ORGA reasoning loop, Cedar policy authorization, knowledge bridge - What Makes Symbiont Unique: Added 4 new bullet points (ORGA, Cedar, Knowledge Bridge, Durable Journal); updated crypto verification to mention AgentPin - New section: Agentic Reasoning Loop — covers minimal loop setup, typestate phase transitions, all 7 journal event types, Cedar policy gate with entity type mapping, and knowledge bridge integration - Documentation links: Added reasoning-loop.md and security-model.md, removed stale tool_review_workflow.md link
v1.0.1
- Updated documentation links in the introduction to point to the official GitHub resources for the DSL Guide, DSL Specification, and Example Agents. - No code or functional changes in this version.
v1.0.0
Symbiont skill version 1.0.0 initial release. - Comprehensive AI agent development guide covering the Symbiont DSL, runtime, and security model. - Quick start templates for common agent types: data processing, API integration, security scanning, and multi-agent orchestration. - Policy-as-code examples with zero-trust security, HIPAA/SOC2/GDPR compliance patterns, and capability-scoped permissions. - Sandbox tier selection guide: Docker, gVisor, and Firecracker isolation levels with resource limits. - DSL cheatsheet covering agent definitions, policy blocks, scheduling, memory, webhooks, and channel adapters. - Integration patterns for SchemaPin tool verification, AgentPin identity, persistent memory (v1.4.0), and webhook signature verification (v1.4.0). - Full changelog from v0.1.1 through v1.4.0 included.
元数据
Slug symbiont
版本 1.1.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 4
常见问题

Symbiont 是什么?

Zero-trust AI agent governance for OpenClaw. Adds ORGA runtime, Cedar policy enforcement, SchemaPin tool verification, ClawHavoc skill scanning, and cryptogr... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 757 次。

如何安装 Symbiont?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install symbiont」即可一键安装,无需额外配置。

Symbiont 是免费的吗?

是的,Symbiont 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Symbiont 支持哪些平台?

Symbiont 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Symbiont?

由 Jascha(@jaschadub)开发并维护,当前版本 v1.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论