Official · Verified · developer tools · Safety 5/5

agent-safety

Outbound safety for autonomous AI agents — scans YOUR output before it leaves the machine. Git pre-commit hooks that automatically block commits containing API keys, tokens, PII, or secrets. Unlike inbound scanners (Skillvet, IronClaw), this protects against what YOU accidentally publish. Use when committing to git repos, publishing to GitHub, or running periodic system health checks. Automated enforcement at the git level — not prompts.

Why use this skill?

Secure your AI agents with automated pre-commit scanning. Detect API keys, tokens, and PII before you publish. Install today for robust Git-level security.


Install via CLI (Recommended)

clawhub install openclaw/skills/skills/compass-soul/agent-safety

What This Skill Does

Agent Safety is a security layer designed to stop autonomous AI agents from leaking sensitive data. Where many tools filter inbound content (what the agent sees), Agent Safety covers the outbound side (what the agent publishes). It acts as a final gatekeeper, scanning files for API keys, personally identifiable information (PII), and internal system paths before they reach external repositories or public platforms. By enforcing this at the Git level, it moves security from 'prompt-based compliance' (asking the model not to leak) to 'automated technical enforcement' (a hook that refuses the commit).

Installation

To begin protecting your agent's activity, install the skill using the OpenClaw manager:

clawhub install openclaw/skills/skills/compass-soul/agent-safety

Once installed, initialize security in your development projects by running the hook installation script in your target repository:

bash scripts/install-hook.sh /path/to/your/repo

This installs a local pre-commit hook, so a commit that adds a file matching a dangerous pattern is refused before it enters history. The hook lives in the repository's .git/hooks directory, which is not versioned: it is a one-time step per clone rather than per project, and a fresh clone is unprotected until the script is run again. It is also only a pre-commit check; it examines the changes being committed and does not rescan anything already in history.
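To make the mechanism concrete, here is a minimal pre-commit secret scanner written for this page. It is an added example, not the agent-safety project's own install-hook.sh or pre-publish-scan.sh; the script name secret-scan.sh, the --install/--hook/--stdin flags and the pattern list are assumptions made for the example. The hook scans the staged (index) copy of each file, which is exactly what git will store, rather than the working-tree file.

```shell
#!/bin/sh
# Illustrative pre-commit secret scanner (added example; not the agent-safety
# project's code). Script name, flags and pattern list are assumptions.
#
#   secret-scan.sh --install /path/to/repo   write .git/hooks/pre-commit wrapper
#   secret-scan.sh --hook                    what git runs before each commit
#   secret-scan.sh --stdin LABEL < file      scan any file (pre-publish / CI)

# One POSIX ERE per line. Illustrative set; tune for your environment.
SECRET_PATTERNS='AKIA[0-9A-Z]{16}
ghp_[A-Za-z0-9]{36}
-----BEGIN (RSA |EC |OPENSSH )?PRIVATE KEY-----
[0-9]{3}-[0-9]{2}-[0-9]{4}'
# The last pattern (US SSN shape) is deliberately noisy: it also hits phone
# numbers and ticket IDs, the kind of finding that needs human judgment.

# scan_text LABEL: read content on stdin, print "LABEL:LINE: matches /ERE/"
# for every hit. Returns 0 when clean, 1 when anything matched. Only the line
# number is printed, never the matched text, so the secret itself is not
# copied into terminal scrollback or CI logs.
scan_text() {
  label=$1
  tmp=$(mktemp) || return 2
  cat > "$tmp"
  hits=0
  while IFS= read -r pat; do
    [ -n "$pat" ] || continue
    for n in $(grep -En -- "$pat" "$tmp" | cut -d: -f1); do
      printf '%s:%s: matches /%s/\n' "$label" "$n" "$pat"
      hits=$((hits + 1))
    done
  done <<EOF
$SECRET_PATTERNS
EOF
  rm -f "$tmp"
  [ "$hits" -eq 0 ]
}

# scan_staged: check the INDEX copy (git show :path) of every added, copied or
# modified file, i.e. the bytes that would enter history, not the working-tree
# file. Empty and binary blobs are skipped.
scan_staged() {
  status=0
  list=$(mktemp) || return 2
  git diff --cached --name-only --diff-filter=ACM > "$list"
  while IFS= read -r f; do
    git show ":$f" | grep -Iq . || continue
    git show ":$f" | scan_text "$f" || status=1
  done < "$list"
  rm -f "$list"
  return $status
}

# install_hook REPO: write a two-line wrapper into REPO/.git/hooks/pre-commit.
# Hooks live under .git/, which is never cloned or pushed, so this is a
# per-clone step. Assumes the default hooks directory (core.hooksPath unset).
install_hook() {
  repo=$1
  [ -d "$repo/.git" ] || { echo "not a git repository: $repo" >&2; return 2; }
  self=$(cd "$(dirname "$0")" && pwd)/$(basename "$0")
  hook="$repo/.git/hooks/pre-commit"
  printf '#!/bin/sh\nexec "%s" --hook\n' "$self" > "$hook" && chmod +x "$hook"
}

case "${1:-}" in
  --install) install_hook "${2:?usage: $0 --install REPO}" ;;
  --stdin)   scan_text "${2:-stdin}" ;;
  --hook)
    if ! scan_staged; then
      echo "secret-scan: possible secret in staged changes; commit blocked." >&2
      echo "Remove or unstage it; if it is a real credential, rotate it now." >&2
      exit 1
    fi ;;
esac
```

The --stdin mode is what a pre-publish or CI step would call (for example `git ls-files | while read f; do ./secret-scan.sh --stdin "$f" < "$f" || exit 1; done`), since a client-side hook can always be skipped with `git commit --no-verify` and never runs on a clone that did not install it.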

Use Cases

  • Pre-Publishing Verification: Run pre-publish-scan.sh before pushing code to GitHub or sharing documentation, so that .env files, exported environment values and hardcoded credentials are caught before they leave the machine.
  • Continuous Security Monitoring: Use the health-check.sh script to verify your system's security posture, including firewall status and System Integrity Protection (SIP) on macOS.
  • Automated CI/CD Safety: Run the scanning scripts in your deployment pipeline and fail the build when they report a finding, so that no sensitive token reaches a container image or a production environment. Scanning detects; it does not scrub, so a hit still needs the secret removed and rotated.

Example Prompts

  1. "OpenClaw, run a security audit on the current project directory using the agent-safety scan and report any findings."
  2. "Before I push my code to the repository, please execute the pre-publish-scan.sh script on the src folder to check for leaked API keys."
  3. "Perform a system health check and let me know if my firewall status or disk usage requires immediate attention."

Tips & Limitations

  • The Golden Rule: If a secret is ever committed, treat it as compromised. Deleting the file in a follow-up commit does not help, because the secret remains in history; revoke or rotate the token or key immediately.
  • Human Judgment: While the tool is excellent at identifying high-risk items like SSNs and keys, it may flag ambiguous items like generic email strings or internal directory paths. Use your judgment, but never override a block on known secrets.
  • Git Integration: This skill relies on standard Git hooks, which are a client-side convenience rather than a guarantee: `git commit --no-verify` skips them, some GUI clients and scripts do not run them, and they are not copied when a repository is cloned. If you use such clients, or need protection that does not depend on each developer's machine, run the scan scripts manually or in CI in addition to the hook.

Metadata

Stars: 3409
Views: 0
Updated: 2026-03-25
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-compass-soul-agent-safety": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags (AI)

#security #git #privacy #devops #automation

Flags: file-read, code-execution