{
  "schemaVersion": "1.0",
  "item": {
    "slug": "openclaw-bastion",
    "name": "Openclaw Bastion",
    "source": "tencent",
    "type": "skill",
    "category": "效率提升",
    "sourceUrl": "https://clawhub.ai/AtlasPA/openclaw-bastion",
    "canonicalUrl": "https://clawhub.ai/AtlasPA/openclaw-bastion",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadMode": "redirect",
    "downloadUrl": "/downloads/openclaw-bastion",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=openclaw-bastion",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "installMethod": "Manual import",
    "extraction": "Extract archive",
    "prerequisites": [
      "OpenClaw"
    ],
    "packageFormat": "ZIP package",
    "includedAssets": [
      "README.md",
      "scripts/bastion.py",
      "SKILL.md"
    ],
    "primaryDoc": "SKILL.md",
    "quickSetup": [
      "Download the package from Yavira.",
      "Extract the archive, then review SKILL.md and scripts/bastion.py before running anything.",
      "Import or place the package into your OpenClaw setup."
    ],
    "agentAssist": {
      "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
      "steps": [
        "Download the package from Yavira.",
        "Extract it into a folder your agent can access.",
        "Paste one of the prompts below and point your agent at the extracted folder."
      ],
      "prompts": [
        {
          "label": "New install",
          "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete."
        },
        {
          "label": "Upgrade existing",
          "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run."
        }
      ]
    },
    "sourceHealth": {
      "source": "tencent",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-30T16:55:25.780Z",
      "expiresAt": "2026-05-07T16:55:25.780Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network",
        "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"",
        "redirectLocation": null,
        "bodySnippet": null
      },
      "scope": "source",
      "summary": "Source download looks usable.",
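      "detail": "Yavira can redirect you to the upstream package for this source. The recorded probe hit slug=network (network-1.0.0.zip) rather than slug=openclaw-bastion, so confirm the archive you receive is this skill before importing it.",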
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/openclaw-bastion"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the listed assets: README.md, scripts/bastion.py, and SKILL.md."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    },
    "downloadPageUrl": "https://openagent3.xyz/downloads/openclaw-bastion",
    "agentPageUrl": "https://openagent3.xyz/skills/openclaw-bastion/agent",
    "manifestUrl": "https://openagent3.xyz/skills/openclaw-bastion/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/openclaw-bastion/agent.md"
  },
  "agentAssist": {
    "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
    "steps": [
      "Download the package from Yavira.",
      "Extract it into a folder your agent can access.",
      "Paste one of the prompts below and point your agent at the extracted folder."
    ],
    "prompts": [
      {
        "label": "New install",
        "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete."
      },
      {
        "label": "Upgrade existing",
        "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run."
      }
    ]
  },
  "documentation": {
    "source": "clawhub",
    "primaryDoc": "SKILL.md",
    "sections": [
      {
        "title": "OpenClaw Bastion",
        "body": "Runtime prompt injection defense for agent workspaces. While other tools watch workspace identity files, Bastion protects the input/output boundary — the files being read by the agent, web content, API responses, and user-supplied documents."
      },
      {
        "title": "Why This Matters",
        "body": "Agents process content from many sources: local files, API responses, web pages, user uploads. Any of these can contain prompt injection attacks — hidden instructions that manipulate agent behavior. Bastion scans this content before the agent acts on it."
      },
      {
        "title": "Scan for Injections",
        "body": "Scan files or directories for prompt injection patterns. Detects instruction overrides, system prompt markers, hidden Unicode, markdown exfiltration, HTML injection, shell injection, encoded payloads, delimiter confusion, multi-turn manipulation, and dangerous commands.\n\nIf no target is specified, scans the entire workspace.\n\npython3 {baseDir}/scripts/bastion.py scan\n\nScan a specific file or directory:\n\npython3 {baseDir}/scripts/bastion.py scan path/to/file.md\npython3 {baseDir}/scripts/bastion.py scan path/to/directory/"
      },
      {
        "title": "Quick File Check",
        "body": "Fast single-file injection check. Same detection patterns as scan, targeted to one file.\n\npython3 {baseDir}/scripts/bastion.py check path/to/file.md"
      },
      {
        "title": "Boundary Analysis",
        "body": "Analyze content boundary safety across the workspace. Identifies:\n\nAgent instruction files that contain mixed trusted/untrusted content\nWritable instruction files (attack surface for compromised skills)\nBlast radius assessment for each critical file\n\npython3 {baseDir}/scripts/bastion.py boundaries"
      },
      {
        "title": "Command Allowlist",
        "body": "Display the current command allowlist and blocklist policy. Creates a default .bastion-policy.json if none exists.\n\npython3 {baseDir}/scripts/bastion.py allowlist\npython3 {baseDir}/scripts/bastion.py allowlist --show\n\nThe policy file defines which commands are considered safe and which patterns are blocked. Edit the JSON file directly to customize. Bastion Pro enforces this policy at runtime via hooks."
      },
      {
        "title": "Status",
        "body": "Quick summary of workspace injection defense posture: files scanned, findings by severity, boundary safety, and overall posture rating.\n\npython3 {baseDir}/scripts/bastion.py status"
      },
      {
        "title": "Workspace Auto-Detection",
        "body": "If --workspace is omitted, the script tries:\n\nOPENCLAW_WORKSPACE environment variable\nCurrent directory (if AGENTS.md exists)\n~/.openclaw/workspace (default)"
      },
      {
        "title": "What Gets Detected",
        "body": "Category\tPatterns\tSeverity\nInstruction override\t\"ignore previous\", \"disregard above\", \"you are now\", \"new system prompt\", \"forget your instructions\", \"override safety\", \"act as if no restrictions\", \"entering developer mode\"\tCRITICAL\nSystem prompt markers\t<system>, [SYSTEM], <<SYS>>, <|im_start|>system, [INST], ### System:\tCRITICAL\nHidden instructions\tMulti-turn manipulation (\"in your next response, you must\"), stealth patterns (\"do not tell the user\")\tCRITICAL\nHTML injection\t<script>, <iframe>, <img onerror=>, hidden divs, <svg onload=>\tCRITICAL\nMarkdown exfiltration\tImage tags with encoded data in URLs\tCRITICAL\nDangerous commands\tcurl | bash, wget | sh, rm -rf /, fork bombs\tCRITICAL\nUnicode tricks\tZero-width characters, RTL overrides, invisible formatting\tWARNING\nHomoglyph substitution\tCyrillic/Latin lookalikes mixed into ASCII text\tWARNING\nBase64 payloads\tLarge encoded blobs outside code blocks\tWARNING\nShell injection\t$(command) subshell execution outside code blocks\tWARNING\nDelimiter confusion\tFake code block boundaries with injection content\tWARNING"
      },
      {
        "title": "Context-Aware Scanning",
        "body": "Patterns inside fenced code blocks (```) are skipped to avoid false positives, so fenced content is not covered by the scan\nPer-file risk scoring based on finding count and severity\nSelf-exclusion: Bastion skips its own skill files (which describe injection patterns), so changes to those files are not flagged by the scan"
      },
      {
        "title": "Exit Codes",
        "body": "Code\tMeaning\n0\tClean, no issues\n1\tWarnings detected (review recommended)\n2\tCritical findings (action needed)"
      },
      {
        "title": "No External Dependencies",
        "body": "Python standard library only. No pip install. No network calls. Everything runs locally."
      },
      {
        "title": "Cross-Platform",
        "body": "Works with OpenClaw, Claude Code, Cursor, and any tool using the Agent Skills specification."
      }
    ],
    "body": "OpenClaw Bastion\n\nRuntime prompt injection defense for agent workspaces. While other tools watch workspace identity files, Bastion protects the input/output boundary — the files being read by the agent, web content, API responses, and user-supplied documents.\n\nWhy This Matters\n\nAgents process content from many sources: local files, API responses, web pages, user uploads. Any of these can contain prompt injection attacks — hidden instructions that manipulate agent behavior. Bastion scans this content before the agent acts on it.\n\nCommands\nScan for Injections\n\nScan files or directories for prompt injection patterns. Detects instruction overrides, system prompt markers, hidden Unicode, markdown exfiltration, HTML injection, shell injection, encoded payloads, delimiter confusion, multi-turn manipulation, and dangerous commands.\n\nIf no target is specified, scans the entire workspace.\n\npython3 {baseDir}/scripts/bastion.py scan\n\n\nScan a specific file or directory:\n\npython3 {baseDir}/scripts/bastion.py scan path/to/file.md\npython3 {baseDir}/scripts/bastion.py scan path/to/directory/\n\nQuick File Check\n\nFast single-file injection check. Same detection patterns as scan, targeted to one file.\n\npython3 {baseDir}/scripts/bastion.py check path/to/file.md\n\nBoundary Analysis\n\nAnalyze content boundary safety across the workspace. Identifies:\n\nAgent instruction files that contain mixed trusted/untrusted content\nWritable instruction files (attack surface for compromised skills)\nBlast radius assessment for each critical file\npython3 {baseDir}/scripts/bastion.py boundaries\n\nCommand Allowlist\n\nDisplay the current command allowlist and blocklist policy. Creates a default .bastion-policy.json if none exists.\n\npython3 {baseDir}/scripts/bastion.py allowlist\npython3 {baseDir}/scripts/bastion.py allowlist --show\n\n\nThe policy file defines which commands are considered safe and which patterns are blocked. 
Edit the JSON file directly to customize. Bastion Pro enforces this policy at runtime via hooks.\n\nStatus\n\nQuick summary of workspace injection defense posture: files scanned, findings by severity, boundary safety, and overall posture rating.\n\npython3 {baseDir}/scripts/bastion.py status\n\nWorkspace Auto-Detection\n\nIf --workspace is omitted, the script tries:\n\nOPENCLAW_WORKSPACE environment variable\nCurrent directory (if AGENTS.md exists)\n~/.openclaw/workspace (default)\nWhat Gets Detected\nCategory\tPatterns\tSeverity\nInstruction override\t\"ignore previous\", \"disregard above\", \"you are now\", \"new system prompt\", \"forget your instructions\", \"override safety\", \"act as if no restrictions\", \"entering developer mode\"\tCRITICAL\nSystem prompt markers\t<system>, [SYSTEM], <<SYS>>, <|im_start|>system, [INST], ### System:\tCRITICAL\nHidden instructions\tMulti-turn manipulation (\"in your next response, you must\"), stealth patterns (\"do not tell the user\")\tCRITICAL\nHTML injection\t<script>, <iframe>, <img onerror=>, hidden divs, <svg onload=>\tCRITICAL\nMarkdown exfiltration\tImage tags with encoded data in URLs\tCRITICAL\nDangerous commands\tcurl | bash, wget | sh, rm -rf /, fork bombs\tCRITICAL\nUnicode tricks\tZero-width characters, RTL overrides, invisible formatting\tWARNING\nHomoglyph substitution\tCyrillic/Latin lookalikes mixed into ASCII text\tWARNING\nBase64 payloads\tLarge encoded blobs outside code blocks\tWARNING\nShell injection\t$(command) subshell execution outside code blocks\tWARNING\nDelimiter confusion\tFake code block boundaries with injection content\tWARNING\nContext-Aware Scanning\nPatterns inside fenced code blocks (```) are skipped to avoid false positives\nPer-file risk scoring based on finding count and severity\nSelf-exclusion: Bastion skips its own skill files (which describe injection patterns)\nExit Codes\nCode\tMeaning\n0\tClean, no issues\n1\tWarnings detected (review recommended)\n2\tCritical findings 
(action needed)\nNo External Dependencies\n\nPython standard library only. No pip install. No network calls. Everything runs locally.\n\nCross-Platform\n\nWorks with OpenClaw, Claude Code, Cursor, and any tool using the Agent Skills specification."
  },
  "trust": {
    "sourceLabel": "tencent",
    "provenanceUrl": "https://clawhub.ai/AtlasPA/openclaw-bastion",
    "publisherUrl": "https://clawhub.ai/AtlasPA/openclaw-bastion",
    "owner": "AtlasPA",
    "version": "1.0.2",
    "license": null,
    "verificationStatus": "Indexed source record"
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/openclaw-bastion",
    "downloadUrl": "https://openagent3.xyz/downloads/openclaw-bastion",
    "agentUrl": "https://openagent3.xyz/skills/openclaw-bastion/agent",
    "manifestUrl": "https://openagent3.xyz/skills/openclaw-bastion/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/openclaw-bastion/agent.md"
  }
}