safe-fuzzer
Sandbox-only behavior-led gray-box skill fuzzer. Spawns a worker subagent, probes an installed target skill, deploys honeypot fixtures, and returns a structured JSON risk report.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/archidoge0/safe-fuzzer-deprecatedWhat This Skill Does
The SAFE Fuzzer is an advanced, behavior-led, gray-box diagnostic tool specifically designed for the OpenClaw agent ecosystem. It functions by spawning a dedicated worker subagent that probes an installed target skill within a strictly isolated sandbox environment. By deploying honeypot fixtures—synthetic data points and triggers designed to bait suspicious or errant behavior—the fuzzer monitors the target's interaction with the file system, shell operations, and network interfaces. It produces a comprehensive JSON-structured risk report, allowing developers and operators to verify that their skills perform only as intended before deployment in production environments.
Installation
To integrate this utility into your development lifecycle, execute the following command in your terminal session:
clawhub install openclaw/skills/skills/archidoge0/safe-fuzzer-deprecated
Ensure your configuration environment supports sandbox execution, as the fuzzer will refuse to operate outside of a locked, restricted state to maintain security integrity.
Use Cases
- Security Auditing: Detecting unauthorized network calls or file access patterns in third-party or internal skills.
- Regression Testing: Verifying that logic updates do not inadvertently introduce side effects in sensitive environment directories.
- Behavioral Profiling: Observing how a skill handles malformed or aggressive input patterns through structured probe cycles.
- Pre-flight Validation: Ensuring that newly developed skills adhere to the principle of least privilege before being promoted to active use.
Example Prompts
- "/safe_fuzzer target=data-scraper preset=balanced notes='Test for arbitrary file read vulnerabilities in the download module.'"
- "/skill safe-fuzzer target=api-connector preset=max"
- "/safe_fuzzer target=file-manager preset=min notes='Quick check for path traversal risks.'"
Tips & Limitations
- Always Sandbox: The tool is designed to be 'sandbox-only.' Attempts to use it without a locked sandbox will trigger a refusal. Ensure your agents.list[].sandbox.mode is set to 'all'.
- Resource Management: Choose your preset carefully. A 'max' preset requires at least 2400 seconds of execution time and is more resource-intensive. Use 'min' for quick iterative checks.
- Pre-flight Failures: If you see a 'refused_preflight' error, verify that your environment does not provide elevated execution permissions. The fuzzer intentionally restricts host-level access to prevent boundary-bypassing.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-archidoge0-safe-fuzzer-deprecated": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: network-access, file-write, file-read, code-execution
Related Skills
safe-bootstrapper
Deterministic setup and remediation helper for installed OpenClaw skills. Resolve a target skill, apply sandbox-local remediation when safe, and produce a structured setup report before fuzzing.
safe-fuzzer
Sandbox-only behavior-led gray-box skill fuzzer. Spawns a worker subagent, probes an installed target skill, deploys honeypot fixtures, and returns a structured JSON risk report.