๐Ÿ”
12917 skills
โ† All skills
Tencent SkillHub ยท Security & Compliance

ShieldCortex

Security framework for AI agents. Enforces instruction gateway control, external action gating, PII protection, sub-agent sandboxing, prompt injection detect...

skill openclawclawhub Free
0 Downloads
0 Stars
0 Installs
0 Score
High Signal

Security framework for AI agents. Enforces instruction gateway control, external action gating, PII protection, sub-agent sandboxing, prompt injection detect...

โฌ‡ 0 downloads โ˜… 0 stars Unverified but indexed

Install for OpenClaw

Quick setup
  1. Download the package from Yavira.
  2. Extract the archive and review SKILL.md first.
  3. Import or place the package into your OpenClaw setup.

Requirements

Target platform
OpenClaw
Install method
Manual import
Extraction
Extract archive
Prerequisites
OpenClaw
Primary doc
SKILL.md

Package facts

Download mode
Yavira redirect
Package format
ZIP package
Source platform
Tencent SkillHub
What's included
SKILL.md

Validation

  • Use the Yavira download entry.
  • Review SKILL.md after the package is downloaded.
  • Confirm the extracted package contains the expected setup assets.

Install with your agent

Agent handoff

Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.

  1. Download the package from Yavira.
  2. Extract it into a folder your agent can access.
  3. Paste one of the prompts below and point your agent at the extracted folder.
New install

I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.

Upgrade existing

I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.

Open Send to Agent page Open JSON manifest Open Markdown brief

Trust & source

Release facts

Source
Tencent SkillHub
Verification
Indexed source record
Version
3.4.4

Documentation

ClawHub primary doc Primary doc: SKILL.md 20 sections Open source page

ShieldCortex โ€” Persistent Memory & Security for AI Agents

Give your agent a brain that persists between sessions and protect it from memory poisoning attacks.

Safety & Scope

This skill documents a local memory/security tool. It does not auto-install packages or silently execute shell commands. Any install command shown here is a manual setup step for the user to approve and run explicitly. Local ShieldCortex usage does not require credentials. API keys are optional and only needed for ShieldCortex Cloud. Only scan instruction files or other prompts when the user has named the path or clearly asked for that review. shieldcortex install writes local MCP configuration; it does not deploy a remote service or request background privileges.

When to Use This Skill

You want to remember things between sessions (decisions, preferences, architecture, context) You need to recall relevant past context at the start of a session You want knowledge graph extraction from memories (entities, relationships) You need to protect memory from prompt injection or poisoning attacks You want credential leak detection in memory writes You want to audit what has been stored in and retrieved from memory You want to scan instruction files (SKILL.md, .cursorrules, CLAUDE.md) for threats

Setup

Install the npm package globally, then configure the MCP server, only when the user explicitly wants ShieldCortex enabled: npm install -g shieldcortex shieldcortex install Python SDK also available: pip install shieldcortex

Session Start

At the start of every session, retrieve prior context: Call start_session to begin a new session and get relevant memories Or call get_context with a query describing the current task

Remembering

Call remember immediately when any of these happen: Architecture decisions โ€” "We're using PostgreSQL for the database" Bug fixes โ€” capture root cause and solution User preferences โ€” "Always use TypeScript strict mode" Completed features โ€” what was built and why Error resolutions โ€” what broke and how it was fixed Project context โ€” tech stack, key patterns, file structure Parameters: title (required): Short summary content (required): Detailed information category: architecture, pattern, preference, error, context, learning, todo, note importance: low, normal, high, critical project: Scope to a specific project (auto-detected if omitted) tags: Array of tags for categorisation

Recalling

Call recall to search for past memories: mode: "search" โ€” query-based semantic search (default) mode: "recent" โ€” most recent memories mode: "important" โ€” highest-salience memories Filter by category, tags, project, or type (short_term, long_term, episodic).

Forgetting

Call forget to remove outdated or incorrect memories: Delete by id for a specific memory Delete by query to match content Always use dryRun: true first to preview what will be deleted Use confirm: true for bulk deletions

Session End

Call end_session with a summary to trigger memory consolidation. This promotes short-term memories to long-term and runs decay on old, unaccessed memories.

Knowledge Graph

ShieldCortex automatically extracts entities and relationships from memories. graph_query โ€” traverse from an entity, returns connected entities up to N hops graph_entities โ€” list known entities, filter by type (person, tool, concept, file, language, service, pattern) graph_explain โ€” find the path connecting two entities Use the knowledge graph to understand relationships between concepts, technologies, and decisions across the project.

Memory Intelligence

consolidate โ€” merge duplicate/similar memories, run decay. Use dryRun: true to preview detect_contradictions โ€” find conflicting memories (e.g., "use Redis" vs "don't use Redis") get_related โ€” find memories connected to a specific memory ID link_memories โ€” create explicit relationships (references, extends, contradicts, related) memory_stats โ€” view total counts, category breakdown, decay stats

Security & Defence

Every memory write passes through a 6-layer defence pipeline: Input Sanitisation โ€” strips control characters and null bytes Pattern Detection โ€” regex matching for known injection patterns Semantic Analysis โ€” embedding similarity to attack corpus Structural Validation โ€” JSON/format integrity checks Behavioural Scoring โ€” anomaly detection over time Credential Leak Detection โ€” blocks API keys, tokens, private keys (25+ patterns, 11 providers)

Iron Dome

Behavioural security layer that controls what agents can do, not just what they remember: iron_dome_activate โ€” activate with a profile: school, enterprise, personal, or paranoid iron_dome_status โ€” check active profile, trusted channels, and approval rules iron_dome_check โ€” gate an action (e.g., send_email, delete_file) before execution iron_dome_scan โ€” scan text for prompt injection patterns Profiles control action gates (what actions require approval), channel trust (which instruction sources are trusted), and approval rules.

Security Tools

audit_query โ€” query the forensic audit log of all memory operations defence_stats โ€” view defence system statistics (blocks, allows, quarantines) quarantine_review โ€” review and manage quarantined memories (list, approve, reject) scan_memories โ€” scan existing memories for signs of poisoning scan_skill โ€” scan an instruction file for hidden threats (SKILL.md, .cursorrules, CLAUDE.md, etc.)

Universal Memory Bridge

ShieldCortex can act as a security layer for any memory backend โ€” not just its own. Use ShieldCortexGuardedMemoryBridge to wrap any memory system with the full defence pipeline: import { ShieldCortexGuardedMemoryBridge, MarkdownMemoryBackend } from 'shieldcortex'; const bridge = new ShieldCortexGuardedMemoryBridge({ backend: new MarkdownMemoryBackend('~/.my-memories/'), }); // All writes pass through the 6-layer defence pipeline await bridge.write({ title: 'Decision', content: 'Use PostgreSQL' }); Built-in backends: MarkdownMemoryBackend, OpenClawMarkdownBackend. Implement the backend interface for custom storage. ShieldCortex does not auto-discover remote backends or obtain their credentials; the host application must wire that in explicitly.

Project Scoping

set_project โ€” switch active project context get_project โ€” show current project scope Use project: "*" for global/cross-project memories

Best Practices

Remember immediately โ€” call remember right after a decision is made or a bug is fixed, not at the end of the session Use categories โ€” architecture, pattern, preference, error, context, learning Set importance โ€” mark critical decisions as importance: "critical" so they resist decay Recall at session start โ€” always call get_context or start_session first End sessions properly โ€” call end_session with a summary to trigger consolidation Review contradictions โ€” periodically run detect_contradictions to catch conflicting information Scope by project โ€” memories are automatically scoped to the current project directory

Troubleshooting

Memory not found in recall: Try mode: "search" with different query phrasing Check set_project โ€” you may be searching the wrong project scope Use includeDecayed: true to find memories that have faded Memory blocked by firewall: The defence pipeline detected a potential threat (injection, credential leak) Check audit_query for the specific block reason Review with quarantine_review if it was a false positive Avoid including literal API keys or tokens in memory content Consolidation removing memories: Run consolidate with dryRun: true first to preview Mark important memories as importance: "critical" to prevent decay Access memories regularly โ€” recall boosts activation and prevents decay

OpenClaw Auto-Memory

When using the OpenClaw hook, auto-memory extraction is off by default. Enable it to automatically extract memories from session output: shieldcortex config --openclaw-auto-memory When enabled, the system deduplicates against recent memories to avoid storing duplicates. Configure with: openclawAutoMemory โ€” enable/disable (default: false) openclawAutoMemoryDedupe โ€” deduplicate against existing memories (default: true) openclawAutoMemoryNoveltyThreshold โ€” similarity threshold for deduplication (default: 0.88) openclawAutoMemoryMaxRecent โ€” number of recent memories to check (default: 300)

Links

npm: https://www.npmjs.com/package/shieldcortex PyPI: https://pypi.org/project/shieldcortex GitHub: https://github.com/Drakon-Systems-Ltd/ShieldCortex Website: https://shieldcortex.ai

Category context

Identity, auth, scanning, governance, audit, and operational guardrails.

Source: Tencent SkillHub

Largest current source with strong distribution and engagement signals.

Package contents

Included in package
1 Docs
  • SKILL.md Primary doc

Related skills

Tencent SkillHub Free

1-SEC: All-in-One Cybersecurity for AI Agent Hosts

Install, configure, and manage 1-SEC โ€” an open-source, all-in-one cybersecurity platform (16 modules, single binary) on Linux servers and VPS instances. Use...

Security & Compliance skill openclaw
Tencent SkillHub Free

A SecOps expert to handle security issues, ensure that protections are in place and collect evidence for security analysis. The Skill also contains skill integrity checks.

Perform SecOps endpoint checks for EDR, Sysmon, updates, EVTX alerts, least privilege, network exposure, credential protection, vulnerabilities, weekly asses...

Security & Compliance skill openclaw
Tencent SkillHub Free

AI Compliance Readiness Assessment

AI Compliance Readiness Assessment โ€” evaluate how prepared an organization is for AI governance regulations (EU AI Act, NIST AI RMF, HHS mandates, state bar...

Security & Compliance skill openclaw