skill-guard
SkillShield v4 — Ultimate security scanner for OpenClaw skills. 65 security checks, SARIF v2.1.0 output, CI/CD ready, campaign detection, C2 IP blocklist, known malicious actor database, macOS attack detection, agent config tampering, LLM tool exploitation, pre-commit hooks, and more. Python 3 stdlib only. Single file. Zero dependencies.
Why use this skill?
Secure your OpenClaw agent skills with SkillShield v4. Perform 65+ security checks, detect malicious actors, and automate your CI/CD pipelines with comprehensive SARIF and HTML reporting.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/benlee2144/skillshieldWhat This Skill Does
SkillShield v4 is the premier security orchestration and scanning engine for the OpenClaw ecosystem. Designed as a zero-dependency, single-file Python 3 utility, it acts as a firewall for your AI agent skills. By performing 65 distinct security checks, it protects against sophisticated threats including prompt injection, malware execution, credential exfiltration, and agent configuration tampering. It supports enterprise-grade reporting through SARIF v2.1.0, JSON, HTML, and Markdown, making it an essential component for secure CI/CD pipelines.
Installation
To integrate SkillShield into your local or CI/CD environment, use the OpenClaw package manager:
clawhub install openclaw/skills/skills/benlee2144/skillshield
Ensure your system has Python 3 installed. Because the tool is designed as a standalone script, it requires no external libraries or environment setup, making it ideal for containerized builds or air-gapped environments.
Use Cases
- Continuous Security: Integrate into GitHub Actions to scan every pull request for malicious patterns before deployment.
- Agent Hardening: Use the quarantine and baseline detection features to ensure an agent's configuration hasn't been modified by unauthorized external actors.
- Threat Intelligence: Utilize the built-in C2 and malicious actor IP blocklist to prevent your agents from communicating with known adversary infrastructure.
- Regulatory Compliance: Generate standardized SARIF reports for auditing purposes within highly regulated technical environments.
Example Prompts
- "SkillShield, run a full security audit on the current skill directory and generate an HTML report for the stakeholders."
- "Check the agent configuration in /path/to/skills and provide a summary of any detected tampering or abnormal behavior."
- "Scan my repository for any potential LLM tool exploitation patterns and output the results in SARIF format for my CI/CD pipeline."
Tips & Limitations
For optimal performance, configure a .skillshield-ignore file to exclude non-essential directory paths from your scans. While the tool is highly effective at detecting static signatures and known malicious behaviors, it should be used as part of a defense-in-depth strategy. Always combine SkillShield scans with human code review for sensitive or high-privilege skills. The tool is limited to local file analysis and does not actively monitor runtime agent memory, though it can detect persistent threats that attempt to modify configuration files on disk.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-benlee2144-skillshield": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-read, code-execution
Related Skills
skill-guard
Security scanner that audits OpenClaw skills for malicious code, prompt injection, supply chain attacks, data exfiltration, and more
skill-threat-scanner
Scan OpenClaw skills for malware, prompt injection, reverse shells, wallet theft, supply chain attacks, and data exfiltration. Protect your agent from the 386+ malicious ClawHub skills (ClawHavoc). 9-category threat detection, tamper monitoring, JSON reports, zero dependencies.