openclaw-warden-pro

What This Skill Does

OpenClaw Warden Pro acts as a robust, automated security layer for your AI agent's workspace. It serves as an active defense system that goes beyond simple monitoring to provide self-healing capabilities. By establishing a cryptographically verified baseline of your critical files, the system can detect unauthorized modifications, prompt injection attempts, or malicious skill tampering. Unlike the free version of Warden, the Pro edition features automated countermeasures including file restoration from snapshots, git rollback integration, and proactive skill quarantine. It ensures your agent environment remains consistent and secure, automatically addressing drift or unauthorized alterations during session startup or periodic heartbeats.

Installation

To install this security suite, ensure you have the ClawHub environment configured, then run the following command in your terminal:

clawhub install openclaw/skills/skills/atlaspa/openclaw-warden-pro

Once installed, it is highly recommended to integrate the 'protect' command into your workspace hooks. For Claude Code users, add the provided configuration to your SessionStart hook to ensure the workspace is scanned and sanitized before any task begins. For OpenClaw users, add the heartbeat entry to your HEARTBEAT.md file to maintain security throughout long-running tasks.

Use Cases

• Proactive Security: Automatically sanitizing the workspace during session startup to ensure no unauthorized persistence has been established.
• Skill Testing: Safely experiment with new, untrusted skills by running a 'protect' sweep to catch any illicit attempts to overwrite configuration files or modify SOUL.md.
• Disaster Recovery: Recovering your agent's identity and core instruction files if an AI model suffers from a 'hallucination' that leads it to corrupt critical workspace documentation.
• Forensics: Using the 'status' and 'verify' tools to audit workspace changes before committing to a git repository.

Example Prompts

1. "Warden, perform a full integrity scan of the workspace and list any unauthorized modifications since our last baseline."
2. "I think a newly installed skill changed my SOUL.md settings. Please rollback the file to its last known git-committed state."
3. "Start a protection sweep now. Quarantine any skills that modified critical system files and restore my configuration files from the last snapshot."

Tips & Limitations

• Consistency: Always run the baseline command whenever you intentionally update your agent's configuration or SOUL.md. Failing to update the baseline will result in 'false positive' alerts every time you run a verification.
• Isolation: Quarantine is not a replacement for code review. While Warden Pro moves malicious skills to a non-loadable directory, you should still manually inspect the quarantined folder to understand the threat vector.
• Git Integration: Ensure your workspace is a valid git repository if you intend to use the rollback feature effectively; otherwise, the tool relies exclusively on internal snapshots.