Little Steve Agent Guard
Skill by echoofzion
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/echoofzion/little-steve-agent-guard
name: little-steve-agent-guard
version: 0.1.4
description: Little Steve Agent Guard: a self-evolving security system for agent skills. Wraps all skill commands with risk assessment, audit logging, approval levels, and continuous rule evolution. / 小史安全卫士:面向 Agent Skill 的自进化安全系统。为所有技能命令提供风险评估、审计日志、分级审批和持续规则进化。
homepage: https://github.com/EchoOfZion/little-steve-agent-guard
requires:
  bins:
    - jq
Little Steve Agent Guard
A self-evolving security system for agent skills. Wraps all skill command execution with risk assessment, audit logging, tiered approval, and continuous rule learning.
Dependencies
- jq (required) — install via brew install jq or apt install jq
Filesystem Scope
This is a cross-skill security guard. By design, it needs read access to other skills' directories to:
- guard-exec.sh: read target scripts for static risk analysis before execution
- capability-diff.sh: compare a skill's SKILL.md declarations against its actual scripts
The guard does not write to other skills' directories. All writes (audit logs, rules) stay within its own reports/ and rules/ directories.
Bypass & Emergency Procedures
The runbook (docs/runbook.md) documents emergency bypass procedures (circuit-break, manual script execution, log reset). These are human-operator-only actions for when the guard itself malfunctions. The agent must never execute bypass procedures autonomously.
CRITICAL: Execution Rule
ALL skill script executions MUST go through guard-exec.sh. Never call skill scripts directly. Always use:
bash {baseDir}/scripts/guard-exec.sh exec <script-path> [args...]
Example:
bash {baseDir}/scripts/guard-exec.sh exec {workspaceDir}/skills/<other-skill>/scripts/<script>.sh <command> [args...]
Approval Levels
- L1 (low/medium risk): Auto-execute, audit logged
- L2 (dry-run): Preview without executing
- L3 (high risk): Block and prompt user — output warning, wait for user to reply "确认" or "confirm"
- BLOCK (critical): Reject entirely, no execution possible
When guard-exec.sh returns exit code 10 (prompt), present the warning to the user and wait for confirmation. On "确认"/"confirm", re-run with confirm instead of exec.
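The exit-code-10 prompt flow described above, written as a caller-side wrapper. This is an added example, not code from the project: `run_guarded`, `ask_user` and `GUARD_PROMPT_RC` are hypothetical names, and because the page documents only exit code 10, every other status is passed through without a retry.

```bash
#!/usr/bin/env bash
# Added example (not part of little-steve-agent-guard).
# Exit code 10 = "prompt" is taken from the page; no other guard exit codes
# are documented there, so they are returned to the caller unchanged.
GUARD_PROMPT_RC=10

# ask_user: hypothetical hook. Reads one line from stdin, which must be the
# human operator's reply, and accepts only the two tokens the page names.
ask_user() {
  local reply
  IFS= read -r reply || return 1
  case "$reply" in
    "确认"|confirm) return 0 ;;
    *) return 1 ;;
  esac
}

# run_guarded <path-to-guard-exec.sh> <script> [args...]
run_guarded() {
  local guard="$1"; shift
  local rc=0
  bash "$guard" exec "$@" || rc=$?
  if [ "$rc" -ne "$GUARD_PROMPT_RC" ]; then
    # Success, or a refusal/failure: never escalated to "confirm" here.
    return "$rc"
  fi
  # L3: the guard has printed its warning. Only an explicit reply unlocks
  # the confirm call, and it reuses the exact script and arguments that
  # were assessed, so the approved command is the one that runs.
  if ask_user; then
    rc=0
    bash "$guard" confirm "$@" || rc=$?
    return "$rc"
  fi
  echo "not confirmed; nothing executed" >&2
  return "$GUARD_PROMPT_RC"
}
```

Any reply other than the two accepted tokens, including an empty line or end of input, leaves the action unexecuted and returns 10 to the caller.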
Agent Command Conventions
- Execute a skill command (with guard)
bash {baseDir}/scripts/guard-exec.sh exec <script> [args...]
- Confirm a prompted action (after user approval)
bash {baseDir}/scripts/guard-exec.sh confirm <script> [args...]
- Preview without executing
bash {baseDir}/scripts/guard-exec.sh dry-run <script> [args...]
- Quick risk check
bash {baseDir}/scripts/guard-exec.sh check <script> [args...]
- Run capability consistency check on a skill
bash {baseDir}/scripts/capability-diff.sh check --skill-dir <skill-path>
- View audit stats
bash {baseDir}/scripts/audit.sh stats
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-echoofzion-little-steve-agent-guard": {
      "enabled": true,
      "auto_update": true
    }
  }
}