clawguardian
One layer in a multi-layer security stack for OpenClaw agents. Intercepts prompt injection, exfiltration attempts, tool abuse, and social engineering before they reach the model. Use alongside OpenClaw's built-in capability restrictions for defense-in-depth.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/bluemax30001/guardian
What This Skill Does
Guardian acts as a critical security layer within the OpenClaw ecosystem, specifically designed to intercept and neutralize malicious inputs before they reach your AI model. By providing real-time pre-scan capabilities and periodic batch scanning, it creates a robust defense-in-depth architecture. It is designed to mitigate risks such as prompt injection, unauthorized credential exfiltration, tool abuse patterns, and sophisticated social engineering attempts. Unlike built-in restrictions that control agent capabilities, Guardian focuses on the incoming data stream, serving as the first line of defense for your agent's cognitive processing loop.
Installation
To install the Guardian skill, navigate to your OpenClaw directory, access the skills folder, and run the provided installation script. The standard process is as follows:
- Open your terminal and run: cd ~/.openclaw/skills/guardian
- Review the install.sh script to understand the local modifications being made.
- Execute the script with: ./install.sh
- Once installed, the system will create a .guardian-activate-pending file. Upon your next OpenClaw load, the system will automatically initiate the onboarding flow. If you prefer manual configuration, delete the marker file before restarting the agent.
Use Cases
Guardian is essential for developers or power users who deploy agents in environments with sensitive data or complex tool dependencies. Primary use cases include:
- Protecting shared development environments from prompt injection attacks originating from untrusted input sources.
- Securing CI/CD pipelines where agents might inadvertently leak secret keys or environment variables during logging or execution.
- Monitoring agent workspaces for unauthorized code execution patterns or attempts to manipulate system files.
- Auditing historical conversation logs to detect hidden social engineering payloads that may have bypassed initial checks.
Example Prompts
- "Guardian, run a full system audit of all recent conversations to check for potential prompt injection attempts in the last 24 hours."
- "Execute a scan of the project workspace to ensure no sensitive API tokens have been accidentally exposed in the local configuration files."
- "What is the current threat status reported by Guardian, and are there any active signatures loaded for the latest security patterns?"
Tips & Limitations
Guardian is not a complete, standalone security solution. Its effectiveness relies heavily on proper configuration of the config.json file, specifically the scan_paths directive. If you have a complex file structure, keep your paths as narrow as possible to maintain performance and avoid scanning unnecessary directories. Always treat Guardian as one component of a broader security stack, alongside tool allowlists and sandboxed environments. Before publishing any skill, run scripts/pre_publish_check.py to prevent secret leaks, and never ignore a non-zero exit code during this pre-publish phase.
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-bluemax30001-guardian": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags(AI)
Flags: file-read, file-write, code-execution
Related Skills
clawguardian
Local-first security scanner for OpenClaw agents. Detects prompt injection, exfiltration patterns, tool abuse, and social engineering using bundled signatures.
guardian-core
Local Guardian scanner with bundled signatures and dashboard. Realtime + batch scanning, no webhook/API/cron automation paths.