openclaw-marshal
Skill by atlaspa
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/atlaspa/openclaw-marshalWhat This Skill Does
OpenClaw Marshal is a security orchestration and compliance audit tool designed for OpenClaw agent workspaces. As agent architectures evolve and incorporate an increasing number of third-party skills, maintaining a consistent security posture becomes difficult. Marshal solves this by allowing users to define a global security policy (stored in .marshal-policy.json) that acts as the source of truth for workspace safety.
It performs rigorous static analysis and heuristic checks on installed skills to detect risky patterns like command injection vectors, prohibited network endpoints, or sensitive data handling failures. By providing immediate feedback through compliance scoring and actionable recommendations, it acts as a gatekeeper for workspace integrity.
Installation
To add the Marshal skill to your workspace, execute the following command in your terminal:
clawhub install openclaw/skills/skills/atlaspa/openclaw-marshal
Once installed, you should initialize your policy immediately to begin the audit process:
python3 {baseDir}/scripts/marshal.py policy --init --workspace /path/to/workspace
Use Cases
- Continuous Compliance Monitoring: Integrate the
auditcommand into your CI/CD pipeline to ensure no newly installed skill violates the organization's network or command execution policies before it goes live. - Security Forensics: If a workspace exhibits suspicious behavior, use the
checkcommand on individual skills to isolate potential vectors of attack. - Audit Documentation: Quickly generate a professional, formatted report using the
reportcommand for compliance teams or security audits. - Workspace Standardization: Use the
.marshal-policy.jsonto enforce consistent security hygiene across all developer workspaces in your team.
Example Prompts
- "Run a full compliance audit on my current workspace and tell me which skills have the most critical violations."
- "Show me the current active security policy and check if the openclaw-warden skill is compliant with our network allowlist."
- "Generate a formal compliance report for this workspace and save it as a text file for my security records."
Tips & Limitations
- Tips: Always review the generated policy file after initialization. While the defaults are sensible, they should be tailored to your specific organizational needs (e.g., adding internal domain names to your network allowlist).
- Limitations: Marshal is a static and configuration-based audit tool. It cannot prevent zero-day vulnerabilities in third-party code that is not explicitly flagged by its signature patterns. It performs best when used as part of a layered security strategy including runtime monitoring and Principle of Least Privilege (PoLP). Always ensure you are running the latest version of the skill to receive updated threat signatures.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-atlaspa-openclaw-marshal": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-read, file-write
Related Skills
openclaw-egress
Skill by atlaspa
cost-governor
Skill by atlaspa
openclaw-vault
Skill by atlaspa
openclaw-security
Unified security suite for agent workspaces. Installs, configures, and orchestrates all 11 OpenClaw security tools in one command — integrity, secrets, permissions, network, audit trail, signing, supply chain, credentials, injection defense, compliance, and incident response.
openclaw-warden
Skill by atlaspa