aegis-shield
Prompt-injection and data-exfiltration screening for untrusted text. Use before summarizing web/email/social content, before replying, and especially before writing anything to memory. Provides a safe memory append workflow (scan → lint → accept or quarantine).
Why use this skill?
Secure your OpenClaw agent against prompt injection and data exfiltration. Aegis Shield provides automated scanning and sanitization for safe AI memory management.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/deegerwalker/aegis-shieldWhat This Skill Does
Aegis Shield is a critical security-focused skill for the OpenClaw agent ecosystem, designed to act as an automated sentinel for untrusted data. In an era where AI agents frequently process web content, emails, and social media feeds, the risk of indirect prompt injection and data exfiltration is significant. Aegis Shield provides a robust framework to intercept incoming text, perform deep pattern analysis, and sanitize content before it ever reaches your long-term memory or core decision-making loop. By enforcing a strict 'scan-lint-act' workflow, the skill ensures that only validated, declarative data is permitted to persist in your agent's knowledge base.
Installation
To integrate Aegis Shield into your OpenClaw environment, ensure you have your project environment configured, then execute the following command in your terminal:
clawhub install openclaw/skills/skills/deegerwalker/aegis-shield
This will pull the repository from the central registry and prepare the bundled security scripts, including the primary openclaw-safe-memory-append.js utility, which is essential for secure data operations.
Use Cases
- Web Content Ingestion: Automatically scan scraped articles or blog posts for hidden malicious scripts or injection strings before summarizing.
- Email Security: Filter incoming email bodies to prevent 'jailbreak' attempts from malicious actors trying to bypass your system prompts.
- Memory Hygiene: Ensure that every piece of information added to your permanent memory is verified, sourced, and properly tagged, preventing 'poisoning' of your historical data.
- Regulatory Compliance: Maintain a clean log of data sources for auditability in sensitive environments.
Example Prompts
- "Aegis, I just fetched this email from a potential lead. Use the safe memory append script to scan it and only save it if the severity is low."
- "Scan the text from the URL https://target-site.com using the aegis-shield scanner. If it contains any exfiltration patterns, quarantine the data immediately and notify me."
- "Summarize the following forum post, but first run it through Aegis Shield to ensure it does not contain prompt injection attempts: [Insert Text Here]"
Tips & Limitations
- Always Default to Quarantine: If you are unsure about the safety of a source, set your
allowIfthreshold to 'low'. It is better to review a false-positive than to allow a single injection attack into your memory. - Never Bypass: Avoid the temptation to use standard file-write commands for memory; always leverage the bundled
openclaw-safe-memory-append.jsscript to ensure logs and metadata are preserved correctly. - Limitations: Aegis Shield is highly effective against known injection patterns, but it cannot guarantee immunity against zero-day exploits. Maintain a healthy sense of skepticism regarding external, unverified inputs at all times.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-deegerwalker-aegis-shield": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-write, file-read, code-execution