ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified developer tools Safety 5/5

safe-exec

Protect against prompt injection from shell command output. Wrap untrusted commands (curl, API calls, reading user-generated files) with UUID-based security boundaries. Use when executing commands that return external/untrusted data that could contain prompt injection attacks.

Why use this skill?

Learn how to use the safe-exec skill to secure your OpenClaw agent against prompt injection attacks when executing shell commands that return untrusted external data.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/jmceleney/openclaw-safe-exec
Or

What This Skill Does

The safe-exec skill is a critical security layer for OpenClaw agents, designed to neutralize prompt injection vulnerabilities originating from shell command output. When an agent interacts with the outside world—such as fetching API responses or reading user-provided logs—it risks processing malicious instructions embedded within that external data. By wrapping shell commands in safe-exec, the skill inserts cryptographically random, unique UUID-based boundaries around the output. This forces the LLM to differentiate between its own internal instructions and untrusted data streams, preventing "jailbreak" attacks where malicious output tries to subvert the agent's core objectives.

Installation

To install the skill, use the ClawHub command within your environment:

clawhub install openclaw/skills/skills/jmceleney/openclaw-safe-exec

Alternatively, manually download the script to your PATH to ensure it is executable. Ensure ~/.local/bin is in your shell profile's PATH variable for immediate access.

Use Cases

Use safe-exec whenever you cannot guarantee the source or format of data returned by a command:

  • API Integration: When using curl or httpie to interact with third-party web services.
  • Version Control: When fetching issues, pull requests, or commit messages using gh or glab that contain user-submitted content.
  • Data Processing: When parsing arbitrary logs or text files uploaded by users that could be weaponized.
  • Research Agents: When scraping data from remote websites where the content is outside of your control.

Example Prompts

  1. "Use safe-exec to fetch the latest GitHub issue for the current repository and summarize the priority level."
  2. "I need to analyze this log file; please use safe-exec to read the contents of 'server_logs.txt' to ensure we avoid any malicious command injections in the logs."
  3. "Call the weather API via safe-exec and tell me if I should bring an umbrella today."

Tips & Limitations

  • When to Skip: Do not use safe-exec for simple, internal system tasks like ls or df, as it adds unnecessary overhead and clutters the agent's output window.
  • Security Guarantee: The safety of this tool relies on the LLM's ability to respect the preamble instructions. Ensure your agent's system prompt clearly defines the rules for ignoring markers that do not match the UUID provided by safe-exec.
  • Debugging: If a command fails, safe-exec will explicitly output the exit code within the secure boundaries, making it easier to diagnose issues without exposing the agent to the underlying raw output stream.
Read Full Documentation on GitHub

Metadata

Author@jmceleney
Stars1947
Views0
Updated2026-03-04
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-jmceleney-openclaw-safe-exec": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags(AI)

#security#shell#hardening#protection#injection-prevention
Safety Score: 5/5

Flags: code-execution, external-api, file-read