2.5k
GitHub Stars
3
Bundled Files
2 months ago
Catalog Refreshed
3 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openclaw/skills --skill input-validator- _meta.json286 B
- README.md1.5 KB
- SKILL.md7.8 KB
Overview
This skill is a gentle input validator that scans web pages, files, messages, and API responses for clearly malicious or suspicious content. It blocks high-risk commands and flags questionable patterns while aiming not to disrupt normal workflows. The design favors low false positives, fast performance, and easy integration into agents or pipelines.
How this skill works
The validator applies two-tier pattern checks: a set of dangerous patterns that trigger blocking, and a set of suspicious patterns that generate warnings. It returns a simple JSON result with fields for safe, warnings, and dangerous to allow calling code to decide how to proceed. Rules are regex-based, easy to extend, and the validator supports a strict mode for more aggressive detection.
When to use it
- After fetching a web page or API response before summarizing or acting on content
- When a user uploads a file to ensure it contains no executable or destructive commands
- For RSS or feed ingestion to avoid propagating malicious content
- Before executing generated code snippets or shell commands returned by external sources
- As a lightweight pre-check in agents that interact with untrusted input
Best practices
- Call validate_input immediately after fetching or receiving external content
- Treat dangerous results as outright rejects and suspicious results as prompts for human review
- Keep rule lists under version control and add context-specific patterns when needed
- Use strict mode for automated execution paths and gentle mode for human-facing summarization
- Log detections with context and timestamps for auditing and tuning
Example use cases
- Safe web fetch: validate HTML before summarizing to users or agents
- File uploads: scan file text for destructive shell commands before processing
- RSS subscription: block feeds that contain malware distribution patterns
- Agent workflows: pre-validate external API responses before passing them to downstream tools
- CI/CD hooks: scan build logs for suspicious command injection attempts
FAQ
A JSON object with safe (boolean), warnings (list), and dangerous (list) so callers can block, warn, or accept.
Can I add custom rules?
Yes. Add regex entries to the dangerous or suspicious pattern lists and adjust strict mode to tune sensitivity.