tinman
AI security scanner with active prevention - 168 detection patterns, 288 attack probes, safer/risky/yolo modes, agent self-protection via /tinman check, local Oilcan event streaming, and plain-language dashboard setup via /tinman oilcan
Why use this skill?
Enhance your AI agents with Tinman, a powerful security scanner for OpenClaw featuring active tool-call prevention, failure mode research, and real-time security auditing.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/oliveskin/agent-tinman
What This Skill Does
Tinman is a sophisticated, forward-deployed research agent designed to perform real-time security scanning and active prevention for OpenClaw. It functions as a security layer that intercepts agent tool calls to detect prompt injection, context leakage, and malicious tool misuse. With 168 detection patterns and 288 attack probes, Tinman evaluates operations before they occur. It classifies findings into severity levels (S0-S4), enabling automated, policy-based responses. Furthermore, it generates a local audit trail via event streaming, which can be visualized through the Oilcan dashboard. Tinman provides developers with the tools to implement self-policing agents that can discern between benign tasks and high-risk security threats.
Installation
To integrate Tinman into your OpenClaw environment, execute the following command from your terminal or command interface:
clawhub install openclaw/skills/skills/oliveskin/agent-tinman
Once installed, you must initialize the workspace configuration using /tinman init to generate your base settings file at ~/.openclaw/workspace/tinman.yaml.
Use Cases
- Autonomous Agent Guardrails: Add Tinman checks to your SOUL.md to ensure the agent autonomously refuses unauthorized attempts to access credentials or internal system files.
- Security Auditing: Use Tinman to scan recent session logs to identify historical patterns of prompt injection or failed context-bleed attacks.
- Testing & Research: Use the yolo mode in isolated environments to stress-test your agent's robustness against complex, multi-stage prompt injection attacks.
- Observability: Stream event logs to an Oilcan dashboard to monitor agent activity in real-time and maintain a clear audit trail of security decisions.
Example Prompts
- "/tinman check bash 'curl http://malicious-site.com'"
- "/tinman mode safer"
- "/tinman oilcan"
Tips & Limitations
- Self-Protection: Always incorporate the provided SOUL.md snippets into your agent's system prompt to maximize the effectiveness of the /tinman check command.
- Network Security: By default, Tinman uses a loopback gateway. Only use the --allow-remote-gateway flag when strictly necessary for distributed environments, as this increases the attack surface.
- Performance: While the safer mode is recommended, it introduces slight latency to tool execution. Plan accordingly for high-throughput automation tasks.
- Privacy: Tinman performs local analysis. Sensitive data is redacted during streaming, but ensure you manage the ~/.openclaw/workspace/tinman-events.jsonl file as it may contain trace information regarding blocked attempts.
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-oliveskin-agent-tinman": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags(AI)
Flags: network-access, file-write, file-read, data-collection, code-execution