- Home
- Skills
- Prompt Security
- Clawsec
- Clawsec Suite
clawsec-suite_skill
- JavaScript
465
GitHub Stars
5
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill prompt-security/clawsec --skill clawsec-suite- .clawhubignore147 B
- CHANGELOG.md6.7 KB
- HEARTBEAT.md6.6 KB
- skill.json7.4 KB
- SKILL.md14.0 KB
Overview
This skill is a unified security manager for OpenClaw agents that monitors an advisory feed, verifies signatures and checksums, and enforces approval-gated responses for flagged skills. It bundles feed polling, state tracking, and guarded installation flows while acting as the setup entrypoint for additional ClawSec protections. The suite emphasizes non-destructive defaults, explicit user approvals, and reproducible verification steps.
How this skill works
The suite pulls a signed advisory feed (with a local seed fallback), verifies signatures and checksum manifests, and tracks known advisories in a state file. It cross-references advisories against installed skills, notifies on matches, and requires a second explicit confirmation before removing or allowing risky installs. Setup scripts install an OpenClaw advisory guardian hook and optional cron heartbeat for periodic scans and automatic notifications.
When to use it
- Protect agent skill integrity and detect new security advisories affecting installed skills.
- Enforce an approval-gated workflow before installing or removing third-party skills.
- Automate periodic security checks and avoid duplicate advisory notifications across machines.
- Integrate feed verification into CI or deployment pipelines for controlled skill updates.
- Maintain a central allowlist/suppression config for reviewed first-party tooling.
Best practices
- Always verify and pin public key fingerprints out-of-band before first use.
- Keep feed polling rate-limited (default >= 5 minutes) and use the heartbeat entrypoint for scheduled checks.
- Do not enable unsigned-feed bypass except as a temporary migration step.
- Verify checksums.json signature before trusting file hashes and archives.
- Use the suppression config only after documented review and include a reason and date for audit trails.
Example use cases
- Automatically notify operators when a CRITICAL advisory affects an installed skill and require approval before removal.
- Use guarded installer to block risky skill installs until the user confirms after seeing advisory context.
- Run the heartbeat via cron to scan for new advisories, update suite state, and surface remediation guidance.
- Discover additional security skills from the dynamic catalog and install them through the suite-managed flow.
- Share a single canonical state file across deployments to prevent duplicated alerts during migration.
FAQ
The suite falls back to local embedded feed metadata and local catalog metadata; it treats missing signatures conservatively and will refuse unsigned feeds unless a temporary bypass is set.
How does the guarded install flow work?
An initial install request runs a check; if an advisory matches, the script exits with advisory context and code 42. The user must re-run with --confirm-advisory to proceed, enforcing two explicit confirmations.