ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified

openclaw-sec

AI Agent Security Suite - Real-time protection against prompt injection, command injection, SSRF, path traversal, secrets exposure, and content policy violations

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/paolorollo/openclaw-sec
Or

OpenClaw Security Suite

Comprehensive AI Agent Protection - Real-time security validation with 6 parallel detection modules, intelligent severity scoring, and automated action enforcement.

Overview

OpenClaw Security Suite protects AI agent systems from security threats through:

  • 6 Parallel Detection Modules - Comprehensive threat coverage
  • Sub-50ms Validation - Real-time with async database writes
  • 🎯 Smart Severity Scoring - Context-aware risk assessment
  • 🔧 Automated Actions - Block, warn, or log based on severity
  • 📊 Analytics & Reputation - Track patterns and user behavior
  • 🪝 Auto-Hooks - Transparent protection via hooks

Architecture

┌─────────────────────────────────────────────────────────────┐
│                    User Input / Tool Call                    │
└──────────────────────────┬──────────────────────────────────┘
                           │
                           ▼
         ┌─────────────────────────────────┐
         │      Security Engine (Main)      │
         │    • Orchestrates all modules    │
         │    • Aggregates findings         │
         │    • Determines actions          │
         └────────────┬────────────────────┘
                      │
        ┌─────────────┴──────────────┐
        │   Parallel Detection (6)    │
        └─────────────┬───────────────┘
                      │
    ┌─────┬─────┬────┴────┬─────┬─────┐
    ▼     ▼     ▼         ▼     ▼     ▼
  Prompt Command URL    Path Secret Content
  Inject Inject  Valid  Valid Detect Scanner
    ↓     ↓      ↓      ↓     ↓      ↓
    └─────┴──────┴──────┴─────┴──────┘
                      │
                      ▼
         ┌────────────────────────┐
         │   Severity Scorer       │
         │ • Calculates risk level │
         │ • Weights by module     │
         └────────┬───────────────┘
                  │
                  ▼
         ┌────────────────────────┐
         │    Action Engine        │
         │ • Rate limiting         │
         │ • Reputation scoring    │
         │ • Action determination  │
         └────────┬───────────────┘
                  │
        ┌─────────┴─────────┐
        ▼                   ▼
   ┌─────────┐       ┌──────────────┐
   │ Return  │       │ Async Queue  │
   │ Result  │       │ • DB writes  │
   │ ~20-50ms│       │ • Logging    │
   └─────────┘       │ • Notify     │
                     └──────────────┘

Commands

All commands are available via the /openclaw-sec skill or openclaw-sec CLI.

Validation Commands

/openclaw-sec validate-command <command>

Validate a shell command for injection attempts.

openclaw-sec validate-command "ls -la"
openclaw-sec validate-command "rm -rf / && malicious"

Options:

  • -u, --user-id <id> - User ID for tracking
  • -s, --session-id <id> - Session ID for tracking

Example Output:

Validating command: rm -rf /

Severity: HIGH
Action: block
Findings: 2
Read Full Documentation on GitHub

Metadata

Author@paolorollo
Stars1249
Views0
Updated2026-02-21
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-paolorollo-openclaw-sec": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Safety NoteClawKit audits metadata but not runtime behavior. Use with caution.