guardian-core
Local Guardian scanner with bundled signatures and dashboard. Realtime + batch scanning, no webhook/API/cron automation paths.
Why use this skill?
Secure your OpenClaw agent with Guardian Core. A local-first, offline threat scanner providing real-time message analysis and SQLite logging for total data privacy.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/bluemax30001/guardian-coreWhat This Skill Does
Guardian Core serves as the foundational security layer for your OpenClaw environment, acting as a local-first threat detection and integrity scanner. Unlike cloud-dependent security tools, Guardian Core operates entirely offline, utilizing a bundled set of signature definitions to identify malicious patterns or unauthorized content within your data streams. It is designed to be the "first line of defense," providing both real-time pre-scanning of incoming messages and comprehensive batch reporting for historical analysis. The skill writes logs to a local SQLite database (guardian.db) and generates local dashboard files, ensuring that your security audit trail remains on your machine.
Installation
To integrate Guardian Core into your agent workflow, use the primary package manager command:
clawhub install openclaw/skills/skills/bluemax30001/guardian-core
Once the files are pulled, navigate to the local installation directory to finalize configuration:
cd ~/.openclaw/skills/guardian-core
./install.sh
Verify that the service is healthy by checking the administrative suite:
python3 scripts/admin.py status
python3 scripts/admin.py threats
Use Cases
Guardian Core is ideal for users handling sensitive communications or managing automated agents that interact with external inputs. It excels in environments where data privacy is paramount, as the scanning logic does not send data to third-party endpoints. Use it to scan incoming messages from communication platforms, validate file system changes against known threat signatures, or maintain a sanitized log of agent interactions for compliance audits.
Example Prompts
- "Guardian, run a full batch scan on the current workspace logs and show me any identified threats from the last 24 hours."
- "Check the status of my real-time guard and confirm if it is currently filtering messages on the telegram channel."
- "Generate a security report summary for the current session and list all blocked incidents in the local database."
Tips & Limitations
Guardian Core is a lightweight, local-first tool. This means it lacks automated update mechanisms for its signature definitions; you must manually trigger updates or manage them via system scripts. It also does not include webhooks, meaning it will not notify remote services of threats automatically. If you require external alerting (like Slack or Email notifications), you will need to build custom wrappers around the Python API. Ensure the environment variables GUARDIAN_WORKSPACE and GUARDIAN_CONFIG are correctly set to allow the scanner to access the directories you intend to monitor. Because it is a local-only tool, performance is dependent on your host hardware.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-bluemax30001-guardian-core": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-write, file-read
Related Skills
clawguardian
One layer in a multi-layer security stack for OpenClaw agents. Intercepts prompt injection, exfiltration attempts, tool abuse, and social engineering before they reach the model. Use alongside OpenClaw's built-in capability restrictions for defense-in-depth.
clawguardian
Local-first security scanner for OpenClaw agents. Detects prompt injection, exfiltration patterns, tool abuse, and social engineering using bundled signatures.