ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified system Safety 5/5

eridian-carapace

Agent security hardening and prompt injection defense for OpenClaw. Protects against ClawHavoc-style attacks including prompt injection, data exfiltration, credential theft, and unauthorized operations. Runtime protection that complements pre-installation skill scanners like Clawdex. Includes security audit checklist, 8 documented attack vector defenses with mitigations, copy-paste AGENTS.md security patterns, credential file protection, browser URL allowlisting, and sensitive operation approval flows. Use when setting up agent security, performing security audits, hardening agent configurations, protecting credentials, preventing data leaks, or defending against indirect prompt injection attacks.

Why use this skill?

Hardens your OpenClaw agent against prompt injection, data exfiltration, and unauthorized config changes with advanced runtime security defenses.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/iampaulpatterson-boop/eridian-carapace
Or

What This Skill Does

Eridian Carapace acts as a runtime defensive layer for your OpenClaw agent, functioning as a hardened security shell that monitors interactions for malicious patterns. Unlike pre-installation scanners that check external tools for viruses, Eridian Carapace embeds security logic directly into your agent's behavior. It actively defends against ClawHavoc-style attacks, including indirect prompt injection, credential exfiltration, and unauthorized system configuration changes. By enforcing strict operational guardrails, it ensures that even if a malicious skill is inadvertently loaded, the agent retains the autonomy to recognize and block dangerous command execution, unauthorized data exfiltration, or attempts to manipulate its core configuration files. It provides a multi-layered defense system that audits incoming content from web pages, emails, or documents, requiring human approval for sensitive actions.

Installation

To install the Eridian Carapace security suite, run the following command in your terminal: clawhub install openclaw/skills/skills/iampaulpatterson-boop/eridian-carapace

Once installed, the agent will automatically begin auditing incoming data streams and applying the predefined security policy for file access, network requests, and configuration modifications.

Use Cases

  • Security Hardening: Implement a robust defensive posture for agents handling sensitive organizational data.
  • Audit & Compliance: Use the built-in checklists to verify your agent configuration against industry security standards.
  • Data Leak Prevention: Block unauthorized egress of project files, API keys, or memory logs to untrusted third-party URLs.
  • Indirect Prompt Injection Defense: Neutralize threats from external sources (e.g., a website the agent is reading) that attempt to hijack the agent’s execution flow or modify its auth settings.

Example Prompts

  • "@EridianCarapace, perform a security audit of my current agent configuration and list any high-risk settings."
  • "I need to access an external website. Please enable the allowlist approval flow for this URL and verify if it matches our safety standards."
  • "Check for any pending unauthorized operations and explain why they were flagged by the security shell."

Tips & Limitations

  • Tips: Always keep your agent's approval flow enabled for critical modifications. Review the AGENTS.md file regularly to update your URL allowlists and trusted domain sets. If the agent repeatedly flags legitimate operations, use the manual override only after verifying the source of the content.
  • Limitations: Eridian Carapace is designed as an additive security layer. It does not replace the need for secure coding practices in custom skills. It focuses primarily on runtime defense, meaning it is most effective when paired with regular system updates and pre-installation scanning.
Read Full Documentation on GitHub

Metadata

Author@iampaulpatterson-boop
Stars2387
Views0
Updated2026-03-09
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-iampaulpatterson-boop-eridian-carapace": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags(AI)

#security#prompt-injection#hardening#cybersecurity
Safety Score: 5/5

Flags: file-read, file-write

Related Skills

carapace

Runtime security hardening for OpenClaw agents. Protects against prompt injection, data exfiltration, credential leaks, and unauthorized operations. Use when setting up agent security, performing security audits, protecting credentials, preventing data leaks, hardening agent configurations, or defending against indirect prompt injection attacks. Complements pre-installation skill scanners by hardening the agent itself at runtime.

iampaulpatterson-boop 2387