openclaw360
Runtime security skill for AI agents — prompt injection detection, tool call authorization, sensitive data leak prevention, skill security scanning, and one-click backup & restore
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/326668808/openclaw360
What This Skill Does
OpenClaw360 is a comprehensive runtime security framework designed to fortify AI agents against common vulnerabilities. By acting as a secure middleware, it monitors and manages critical interactions to prevent exploitation. It provides five core layers of protection: detecting malicious prompt injections, authorizing tool calls, intercepting sensitive data leaks, conducting static security scanning on third-party skills, and managing robust one-click backup and restore operations. OpenClaw360 is fully open-source (MIT License) and operates entirely locally, ensuring that no sensitive data leaves your environment. It uses zero-knowledge auditing, meaning all sensitive logs are hashed with SHA-256 before storage.
Installation
To install OpenClaw360, run the command: clawhub install openclaw/skills/skills/326668808/openclaw360. Before installation, ensure you have Python 3.10+ installed. The process will create a dedicated ~/.openclaw360/ directory for configuration, identity keys, and audit logs. The skill does not require sudo privileges. Upon first launch, execute openclaw360 init to generate your local Ed25519 signing keys, which are essential for integrity verification of your agent's audit logs and backups.
Use Cases
- Injection Defense: Protect your agent from users attempting to hijack instructions or bypass safety filters via crafted prompts.
- Tool Governance: Validate that tool parameters are within expected ranges before execution, preventing unauthorized access or misuse of connected systems.
- Data Loss Prevention: Scan output streams for sensitive patterns like API keys or personal identifiers before they are displayed to the user.
- Audit and Compliance: Keep a cryptographically signed trail of all agent actions for security forensics and performance review.
- State Recovery: Use the backup management system to maintain environment snapshots, allowing for seamless reverts if configuration changes or updates break agent functionality.
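The Data Loss Prevention use case and the hash-before-storage audit logging described above can be sketched together as follows. This is an added example, not OpenClaw360's own code: the patterns, the function name scan_and_redact, the audit record fields and the sample line are all constructed for illustration.

```python
import hashlib
import json
import re

# Constructed detection rules (assumption); not OpenClaw360's actual rule set.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
}

# Constructed sample output line; the key is AWS's documented example value.
SAMPLE = "export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE  # owner: alice@example.com"


def scan_and_redact(text: str) -> tuple[str, list[dict]]:
    """Redact sensitive matches and return (safe_text, audit_records).

    Each audit record stores only the SHA-256 digest of the matched value,
    so the log can show that a value was seen without holding the value itself.
    """
    hits = []
    for kind, pattern in PATTERNS.items():
        for m in pattern.finditer(text):
            hits.append((m.start(), m.end(), kind))
    hits.sort()

    out, records, pos = [], [], 0
    for start, end, kind in hits:
        if start < pos:  # overlaps a span that was already redacted
            continue
        digest = hashlib.sha256(text[start:end].encode("utf-8")).hexdigest()
        records.append({"kind": kind, "sha256": digest, "length": end - start})
        out.append(text[pos:start])
        out.append(f"[REDACTED:{kind}]")
        pos = end
    out.append(text[pos:])
    return "".join(out), records


if __name__ == "__main__":
    safe, records = scan_and_redact(SAMPLE)
    print(safe)
    print(json.dumps(records, indent=2))
```

A plain SHA-256 of a short or guessable value can be recovered by hashing candidate values, and this page does not say whether OpenClaw360 salts or keys its digests.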
Example Prompts
- "OpenClaw360, please scan the current agent prompt for any signs of injection attacks and provide a risk report."
- "Before I execute this database search tool, use OpenClaw360 to check if the parameters contain unauthorized query patterns."
- "Generate an audit report for my agent session from last night and verify the integrity of my latest backup."
Tips & Limitations
- Zero-Trust: OpenClaw360 operates locally. It does not access system directories (like /etc) or private user configs (~/.ssh, ~/.aws).
- Performance: While the security checks are efficient, verify your agent's latency requirements if processing extremely high-volume streams.
- Manual Invocation: To maintain safety, this skill is not set to auto-execute. You must explicitly request an analysis via command or prompt to trigger its protective functions.
- Integrity: Always keep your Ed25519 keys secure, as they are used to verify the manifest of your backups.
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-326668808-openclaw360": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags(AI)
Flags: file-write, file-read