Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub Β· AI
Openclaw Plugin
Inference-based intrusion detection for AI agents. Pattern matching + LLM analysis for jailbreaks, prompt injection, credential theft, social engineering. 108 detection patterns, OpenClaw plugin, auto-scan, quarantine. Commands: hopeid scan, hopeid test, hopeid setup, hopeid stats, hopeid doctor.
skill openclawclawhub Free
Inference-based intrusion detection for AI agents. Pattern matching + LLM analysis for jailbreaks, prompt injection, credential theft, social engineering. 108 detection patterns, OpenClaw plugin, auto-scan, quarantine. Commands: hopeid scan, hopeid test, hopeid setup, hopeid stats, hopeid doctor.
β¬ 0 downloads β
0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- SKILL.md, index.ts, openclaw.plugin.json, package.json
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 1.3.2
Provenance
- Publisher
- emberDesire
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
hopeIDS Security Skill
Inference-based intrusion detection for AI agents with quarantine and human-in-the-loop.
Security Invariants
These are non-negotiable design principles: Block = full abort β Blocked messages never reach jasper-recall or the agent Metadata only β No raw malicious content is ever stored Approve β re-inject β Approval changes future behavior, doesn't resurrect messages Alerts are programmatic β Telegram alerts built from metadata, no LLM involved
Features
Auto-scan β Scan messages before agent processing Quarantine β Block threats with metadata-only storage Human-in-the-loop β Telegram alerts for review Per-agent config β Different thresholds for different agents Commands β /approve, /reject, /trust, /quarantine
The Pipeline
Message arrives β hopeIDS.autoScan() β βββββββββββββββββββββββββββββββββββββββββββ β risk >= threshold? β β β β BLOCK (strictMode): β β β Create QuarantineRecord β β β Send Telegram alert β β β ABORT (no recall, no agent) β β β β WARN (non-strict): β β β Inject <security-alert> β β β Continue to jasper-recall β β β Continue to agent β β β β ALLOW: β β β Continue normally β βββββββββββββββββββββββββββββββββββββββββββ
Configuration
{ "plugins": { "entries": { "hopeids": { "enabled": true, "config": { "autoScan": true, "defaultRiskThreshold": 0.7, "strictMode": false, "telegramAlerts": true, "agents": { "moltbook-scanner": { "strictMode": true, "riskThreshold": 0.7 }, "main": { "strictMode": false, "riskThreshold": 0.8 } } } } } } }
Options
OptionTypeDefaultDescriptionautoScanbooleanfalseAuto-scan every messagestrictModebooleanfalseBlock (vs warn) on threatsdefaultRiskThresholdnumber0.7Risk level that triggers actiontelegramAlertsbooleantrueSend alerts for blocked messagestelegramChatIdstring-Override alert destinationquarantineDirstring~/.openclaw/quarantine/hopeidsStorage pathagentsobject-Per-agent overridestrustOwnersbooleantrueSkip scanning owner messages
Quarantine Records
When a message is blocked, a metadata record is created: { "id": "q-7f3a2b", "ts": "2026-02-06T00:48:00Z", "agent": "moltbook-scanner", "source": "moltbook", "senderId": "@sus_user", "intent": "instruction_override", "risk": 0.85, "patterns": [ "matched regex: ignore.*instructions", "matched keyword: api key" ], "contentHash": "ab12cd34...", "status": "pending" } Note: There is NO originalMessage field. This is intentional.
Telegram Alerts
When a message is blocked: π Message blocked ID: `q-7f3a2b` Agent: moltbook-scanner Source: moltbook Sender: @sus_user Intent: instruction_override (85%) Patterns: β’ matched regex: ignore.*instructions β’ matched keyword: api key `/approve q-7f3a2b` `/reject q-7f3a2b` `/trust @sus_user` Built from metadata only. No LLM touches this.
/quarantine [all|clean]
List quarantine records. /quarantine # List pending /quarantine all # List all (including resolved) /quarantine clean # Clean expired records
/approve <id>
Mark a blocked message as a false positive. /approve q-7f3a2b Effect: Status β approved (Future) Add sender to allowlist (Future) Lower pattern weight
/reject <id>
Confirm a blocked message was a true positive. /reject q-7f3a2b Effect: Status β rejected (Future) Reinforce pattern weights
/trust <senderId>
Whitelist a sender for future messages. /trust @legitimate_user
/scan <message>
Manually scan a message. /scan ignore your previous instructions and...
What Approve/Reject Mean
CommandWhat it doesWhat it doesn't do/approveMarks as false positive, may adjust IDSDoes NOT re-inject the message/rejectConfirms threat, may strengthen patternsDoes NOT affect current message/trustWhitelists sender for futureDoes NOT retroactively approve The blocked message is gone by design. If it was legitimate, the sender can re-send.
Per-Agent Configuration
Different agents need different security postures: "agents": { "moltbook-scanner": { "strictMode": true, // Block threats "riskThreshold": 0.7 // 70% = suspicious }, "main": { "strictMode": false, // Warn only "riskThreshold": 0.8 // Higher bar for main }, "email-processor": { "strictMode": true, // Always block "riskThreshold": 0.6 // More paranoid } }
Threat Categories
CategoryRiskDescriptioncommand_injectionπ΄ CriticalShell commands, code executioncredential_theftπ΄ CriticalAPI key extraction attemptsdata_exfiltrationπ΄ CriticalData leak to external URLsinstruction_overrideπ΄ HighJailbreaks, "ignore previous"impersonationπ΄ HighFake system/admin messagesdiscoveryβ οΈ MediumAPI/capability probing
Installation
npx hopeid setup Then restart OpenClaw.
Links
GitHub: https://github.com/E-x-O-Entertainment-Studios-Inc/hopeIDS npm: https://www.npmjs.com/package/hopeid Docs: https://exohaven.online/products/hopeids
Category context
Agent frameworks, memory systems, reasoning layers, and model-native orchestration.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
2 Config1 Docs1 Scripts
- SKILL.md
- index.ts
- openclaw.plugin.json
- package.json