{ "schemaVersion": "1.0", "item": { "slug": "shieldcortex", "name": "ShieldCortex", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/jarvis-drakon/shieldcortex", "canonicalUrl": "https://clawhub.ai/jarvis-drakon/shieldcortex", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/shieldcortex", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=shieldcortex", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/shieldcortex" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/shieldcortex", "agentPageUrl": "https://openagent3.xyz/skills/shieldcortex/agent", "manifestUrl": "https://openagent3.xyz/skills/shieldcortex/agent.json", "briefUrl": "https://openagent3.xyz/skills/shieldcortex/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "ShieldCortex — Persistent Memory & Security for AI Agents", "body": "Give your agent a brain that persists between sessions and protect it from memory poisoning attacks." }, { "title": "Safety & Scope", "body": "This skill documents a local memory/security tool. It does not auto-install packages or silently execute shell commands.\nAny install command shown here is a manual setup step for the user to approve and run explicitly.\nLocal ShieldCortex usage does not require credentials. API keys are optional and only needed for ShieldCortex Cloud.\nOnly scan instruction files or other prompts when the user has named the path or clearly asked for that review.\nshieldcortex install writes local MCP configuration; it does not deploy a remote service or request background privileges." }, { "title": "When to Use This Skill", "body": "You want to remember things between sessions (decisions, preferences, architecture, context)\nYou need to recall relevant past context at the start of a session\nYou want knowledge graph extraction from memories (entities, relationships)\nYou need to protect memory from prompt injection or poisoning attacks\nYou want credential leak detection in memory writes\nYou want to audit what has been stored in and retrieved from memory\nYou want to scan instruction files (SKILL.md, .cursorrules, CLAUDE.md) for threats" }, { "title": "Setup", "body": "Install the npm package globally, then configure the MCP server, only when the user explicitly wants ShieldCortex enabled:\n\nnpm install -g shieldcortex\nshieldcortex install\n\nPython SDK also available:\n\npip install shieldcortex" }, { "title": "Session Start", "body": "At the start of every session, retrieve prior context:\n\nCall start_session to begin a new session and get relevant memories\nOr call get_context with a query describing the current task" }, { "title": "Remembering", "body": "Call remember immediately when any of these happen:\n\nArchitecture decisions — \"We're using PostgreSQL for the database\"\nBug fixes — capture root cause and solution\nUser preferences — \"Always use TypeScript strict mode\"\nCompleted features — what was built and why\nError resolutions — what broke and how it was fixed\nProject context — tech stack, key patterns, file structure\n\nParameters:\n\ntitle (required): Short summary\ncontent (required): Detailed information\ncategory: architecture, pattern, preference, error, context, learning, todo, note\nimportance: low, normal, high, critical\nproject: Scope to a specific project (auto-detected if omitted)\ntags: Array of tags for categorisation" }, { "title": "Recalling", "body": "Call recall to search for past memories:\n\nmode: \"search\" — query-based semantic search (default)\nmode: \"recent\" — most recent memories\nmode: \"important\" — highest-salience memories\n\nFilter by category, tags, project, or type (short_term, long_term, episodic)." }, { "title": "Forgetting", "body": "Call forget to remove outdated or incorrect memories:\n\nDelete by id for a specific memory\nDelete by query to match content\nAlways use dryRun: true first to preview what will be deleted\nUse confirm: true for bulk deletions" }, { "title": "Session End", "body": "Call end_session with a summary to trigger memory consolidation. This promotes short-term memories to long-term and runs decay on old, unaccessed memories." }, { "title": "Knowledge Graph", "body": "ShieldCortex automatically extracts entities and relationships from memories.\n\ngraph_query — traverse from an entity, returns connected entities up to N hops\ngraph_entities — list known entities, filter by type (person, tool, concept, file, language, service, pattern)\ngraph_explain — find the path connecting two entities\n\nUse the knowledge graph to understand relationships between concepts, technologies, and decisions across the project." }, { "title": "Memory Intelligence", "body": "consolidate — merge duplicate/similar memories, run decay. Use dryRun: true to preview\ndetect_contradictions — find conflicting memories (e.g., \"use Redis\" vs \"don't use Redis\")\nget_related — find memories connected to a specific memory ID\nlink_memories — create explicit relationships (references, extends, contradicts, related)\nmemory_stats — view total counts, category breakdown, decay stats" }, { "title": "Security & Defence", "body": "Every memory write passes through a 6-layer defence pipeline:\n\nInput Sanitisation — strips control characters and null bytes\nPattern Detection — regex matching for known injection patterns\nSemantic Analysis — embedding similarity to attack corpus\nStructural Validation — JSON/format integrity checks\nBehavioural Scoring — anomaly detection over time\nCredential Leak Detection — blocks API keys, tokens, private keys (25+ patterns, 11 providers)" }, { "title": "Iron Dome", "body": "Behavioural security layer that controls what agents can do, not just what they remember:\n\niron_dome_activate — activate with a profile: school, enterprise, personal, or paranoid\niron_dome_status — check active profile, trusted channels, and approval rules\niron_dome_check — gate an action (e.g., send_email, delete_file) before execution\niron_dome_scan — scan text for prompt injection patterns\n\nProfiles control action gates (what actions require approval), channel trust (which instruction sources are trusted), and approval rules." }, { "title": "Security Tools", "body": "audit_query — query the forensic audit log of all memory operations\ndefence_stats — view defence system statistics (blocks, allows, quarantines)\nquarantine_review — review and manage quarantined memories (list, approve, reject)\nscan_memories — scan existing memories for signs of poisoning\nscan_skill — scan an instruction file for hidden threats (SKILL.md, .cursorrules, CLAUDE.md, etc.)" }, { "title": "Universal Memory Bridge", "body": "ShieldCortex can act as a security layer for any memory backend — not just its own. Use ShieldCortexGuardedMemoryBridge to wrap any memory system with the full defence pipeline:\n\nimport { ShieldCortexGuardedMemoryBridge, MarkdownMemoryBackend } from 'shieldcortex';\n\nconst bridge = new ShieldCortexGuardedMemoryBridge({\n backend: new MarkdownMemoryBackend('~/.my-memories/'),\n});\n\n// All writes pass through the 6-layer defence pipeline\nawait bridge.write({ title: 'Decision', content: 'Use PostgreSQL' });\n\nBuilt-in backends: MarkdownMemoryBackend, OpenClawMarkdownBackend. Implement the backend interface for custom storage.\nShieldCortex does not auto-discover remote backends or obtain their credentials; the host application must wire that in explicitly." }, { "title": "Project Scoping", "body": "set_project — switch active project context\nget_project — show current project scope\nUse project: \"*\" for global/cross-project memories" }, { "title": "Best Practices", "body": "Remember immediately — call remember right after a decision is made or a bug is fixed, not at the end of the session\nUse categories — architecture, pattern, preference, error, context, learning\nSet importance — mark critical decisions as importance: \"critical\" so they resist decay\nRecall at session start — always call get_context or start_session first\nEnd sessions properly — call end_session with a summary to trigger consolidation\nReview contradictions — periodically run detect_contradictions to catch conflicting information\nScope by project — memories are automatically scoped to the current project directory" }, { "title": "Troubleshooting", "body": "Memory not found in recall:\n\nTry mode: \"search\" with different query phrasing\nCheck set_project — you may be searching the wrong project scope\nUse includeDecayed: true to find memories that have faded\n\nMemory blocked by firewall:\n\nThe defence pipeline detected a potential threat (injection, credential leak)\nCheck audit_query for the specific block reason\nReview with quarantine_review if it was a false positive\nAvoid including literal API keys or tokens in memory content\n\nConsolidation removing memories:\n\nRun consolidate with dryRun: true first to preview\nMark important memories as importance: \"critical\" to prevent decay\nAccess memories regularly — recall boosts activation and prevents decay" }, { "title": "OpenClaw Auto-Memory", "body": "When using the OpenClaw hook, auto-memory extraction is off by default. Enable it to automatically extract memories from session output:\n\nshieldcortex config --openclaw-auto-memory\n\nWhen enabled, the system deduplicates against recent memories to avoid storing duplicates. Configure with:\n\nopenclawAutoMemory — enable/disable (default: false)\nopenclawAutoMemoryDedupe — deduplicate against existing memories (default: true)\nopenclawAutoMemoryNoveltyThreshold — similarity threshold for deduplication (default: 0.88)\nopenclawAutoMemoryMaxRecent — number of recent memories to check (default: 300)" }, { "title": "Links", "body": "npm: https://www.npmjs.com/package/shieldcortex\nPyPI: https://pypi.org/project/shieldcortex\nGitHub: https://github.com/Drakon-Systems-Ltd/ShieldCortex\nWebsite: https://shieldcortex.ai" } ], "body": "ShieldCortex — Persistent Memory & Security for AI Agents\n\nGive your agent a brain that persists between sessions and protect it from memory poisoning attacks.\n\nSafety & Scope\nThis skill documents a local memory/security tool. It does not auto-install packages or silently execute shell commands.\nAny install command shown here is a manual setup step for the user to approve and run explicitly.\nLocal ShieldCortex usage does not require credentials. API keys are optional and only needed for ShieldCortex Cloud.\nOnly scan instruction files or other prompts when the user has named the path or clearly asked for that review.\nshieldcortex install writes local MCP configuration; it does not deploy a remote service or request background privileges.\nWhen to Use This Skill\nYou want to remember things between sessions (decisions, preferences, architecture, context)\nYou need to recall relevant past context at the start of a session\nYou want knowledge graph extraction from memories (entities, relationships)\nYou need to protect memory from prompt injection or poisoning attacks\nYou want credential leak detection in memory writes\nYou want to audit what has been stored in and retrieved from memory\nYou want to scan instruction files (SKILL.md, .cursorrules, CLAUDE.md) for threats\nSetup\n\nInstall the npm package globally, then configure the MCP server, only when the user explicitly wants ShieldCortex enabled:\n\nnpm install -g shieldcortex\nshieldcortex install\n\n\nPython SDK also available:\n\npip install shieldcortex\n\nCore Workflow\nSession Start\n\nAt the start of every session, retrieve prior context:\n\nCall start_session to begin a new session and get relevant memories\nOr call get_context with a query describing the current task\nRemembering\n\nCall remember immediately when any of these happen:\n\nArchitecture decisions — \"We're using PostgreSQL for the database\"\nBug fixes — capture root cause and solution\nUser preferences — \"Always use TypeScript strict mode\"\nCompleted features — what was built and why\nError resolutions — what broke and how it was fixed\nProject context — tech stack, key patterns, file structure\n\nParameters:\n\ntitle (required): Short summary\ncontent (required): Detailed information\ncategory: architecture, pattern, preference, error, context, learning, todo, note\nimportance: low, normal, high, critical\nproject: Scope to a specific project (auto-detected if omitted)\ntags: Array of tags for categorisation\nRecalling\n\nCall recall to search for past memories:\n\nmode: \"search\" — query-based semantic search (default)\nmode: \"recent\" — most recent memories\nmode: \"important\" — highest-salience memories\n\nFilter by category, tags, project, or type (short_term, long_term, episodic).\n\nForgetting\n\nCall forget to remove outdated or incorrect memories:\n\nDelete by id for a specific memory\nDelete by query to match content\nAlways use dryRun: true first to preview what will be deleted\nUse confirm: true for bulk deletions\nSession End\n\nCall end_session with a summary to trigger memory consolidation. This promotes short-term memories to long-term and runs decay on old, unaccessed memories.\n\nKnowledge Graph\n\nShieldCortex automatically extracts entities and relationships from memories.\n\ngraph_query — traverse from an entity, returns connected entities up to N hops\ngraph_entities — list known entities, filter by type (person, tool, concept, file, language, service, pattern)\ngraph_explain — find the path connecting two entities\n\nUse the knowledge graph to understand relationships between concepts, technologies, and decisions across the project.\n\nMemory Intelligence\nconsolidate — merge duplicate/similar memories, run decay. Use dryRun: true to preview\ndetect_contradictions — find conflicting memories (e.g., \"use Redis\" vs \"don't use Redis\")\nget_related — find memories connected to a specific memory ID\nlink_memories — create explicit relationships (references, extends, contradicts, related)\nmemory_stats — view total counts, category breakdown, decay stats\nSecurity & Defence\n\nEvery memory write passes through a 6-layer defence pipeline:\n\nInput Sanitisation — strips control characters and null bytes\nPattern Detection — regex matching for known injection patterns\nSemantic Analysis — embedding similarity to attack corpus\nStructural Validation — JSON/format integrity checks\nBehavioural Scoring — anomaly detection over time\nCredential Leak Detection — blocks API keys, tokens, private keys (25+ patterns, 11 providers)\nIron Dome\n\nBehavioural security layer that controls what agents can do, not just what they remember:\n\niron_dome_activate — activate with a profile: school, enterprise, personal, or paranoid\niron_dome_status — check active profile, trusted channels, and approval rules\niron_dome_check — gate an action (e.g., send_email, delete_file) before execution\niron_dome_scan — scan text for prompt injection patterns\n\nProfiles control action gates (what actions require approval), channel trust (which instruction sources are trusted), and approval rules.\n\nSecurity Tools\naudit_query — query the forensic audit log of all memory operations\ndefence_stats — view defence system statistics (blocks, allows, quarantines)\nquarantine_review — review and manage quarantined memories (list, approve, reject)\nscan_memories — scan existing memories for signs of poisoning\nscan_skill — scan an instruction file for hidden threats (SKILL.md, .cursorrules, CLAUDE.md, etc.)\nUniversal Memory Bridge\n\nShieldCortex can act as a security layer for any memory backend — not just its own. Use ShieldCortexGuardedMemoryBridge to wrap any memory system with the full defence pipeline:\n\nimport { ShieldCortexGuardedMemoryBridge, MarkdownMemoryBackend } from 'shieldcortex';\n\nconst bridge = new ShieldCortexGuardedMemoryBridge({\n backend: new MarkdownMemoryBackend('~/.my-memories/'),\n});\n\n// All writes pass through the 6-layer defence pipeline\nawait bridge.write({ title: 'Decision', content: 'Use PostgreSQL' });\n\n\nBuilt-in backends: MarkdownMemoryBackend, OpenClawMarkdownBackend. Implement the backend interface for custom storage. ShieldCortex does not auto-discover remote backends or obtain their credentials; the host application must wire that in explicitly.\n\nProject Scoping\nset_project — switch active project context\nget_project — show current project scope\nUse project: \"*\" for global/cross-project memories\nBest Practices\nRemember immediately — call remember right after a decision is made or a bug is fixed, not at the end of the session\nUse categories — architecture, pattern, preference, error, context, learning\nSet importance — mark critical decisions as importance: \"critical\" so they resist decay\nRecall at session start — always call get_context or start_session first\nEnd sessions properly — call end_session with a summary to trigger consolidation\nReview contradictions — periodically run detect_contradictions to catch conflicting information\nScope by project — memories are automatically scoped to the current project directory\nTroubleshooting\n\nMemory not found in recall:\n\nTry mode: \"search\" with different query phrasing\nCheck set_project — you may be searching the wrong project scope\nUse includeDecayed: true to find memories that have faded\n\nMemory blocked by firewall:\n\nThe defence pipeline detected a potential threat (injection, credential leak)\nCheck audit_query for the specific block reason\nReview with quarantine_review if it was a false positive\nAvoid including literal API keys or tokens in memory content\n\nConsolidation removing memories:\n\nRun consolidate with dryRun: true first to preview\nMark important memories as importance: \"critical\" to prevent decay\nAccess memories regularly — recall boosts activation and prevents decay\nOpenClaw Auto-Memory\n\nWhen using the OpenClaw hook, auto-memory extraction is off by default. Enable it to automatically extract memories from session output:\n\nshieldcortex config --openclaw-auto-memory\n\n\nWhen enabled, the system deduplicates against recent memories to avoid storing duplicates. Configure with:\n\nopenclawAutoMemory — enable/disable (default: false)\nopenclawAutoMemoryDedupe — deduplicate against existing memories (default: true)\nopenclawAutoMemoryNoveltyThreshold — similarity threshold for deduplication (default: 0.88)\nopenclawAutoMemoryMaxRecent — number of recent memories to check (default: 300)\nLinks\nnpm: https://www.npmjs.com/package/shieldcortex\nPyPI: https://pypi.org/project/shieldcortex\nGitHub: https://github.com/Drakon-Systems-Ltd/ShieldCortex\nWebsite: https://shieldcortex.ai" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/jarvis-drakon/shieldcortex", "publisherUrl": "https://clawhub.ai/jarvis-drakon/shieldcortex", "owner": "jarvis-drakon", "version": "3.4.4", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/shieldcortex", "downloadUrl": "https://openagent3.xyz/downloads/shieldcortex", "agentUrl": "https://openagent3.xyz/skills/shieldcortex/agent", "manifestUrl": "https://openagent3.xyz/skills/shieldcortex/agent.json", "briefUrl": "https://openagent3.xyz/skills/shieldcortex/agent.md" } }