# Send ShieldCortex to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "shieldcortex", "name": "ShieldCortex", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/jarvis-drakon/shieldcortex", "canonicalUrl": "https://clawhub.ai/jarvis-drakon/shieldcortex", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/shieldcortex", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=shieldcortex", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "SKILL.md" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "slug": "shieldcortex", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-29T15:23:08.660Z", "expiresAt": "2026-05-06T15:23:08.660Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=shieldcortex", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=shieldcortex", "contentDisposition": "attachment; filename=\"shieldcortex-4.12.11.zip\"", "redirectLocation": null, "bodySnippet": null, "slug": "shieldcortex" }, "scope": "item", "summary": "Item download looks usable.", "detail": "Yavira can redirect you to the upstream package for this item.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/shieldcortex" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/shieldcortex", "downloadUrl": "https://openagent3.xyz/downloads/shieldcortex", "agentUrl": "https://openagent3.xyz/skills/shieldcortex/agent", "manifestUrl": "https://openagent3.xyz/skills/shieldcortex/agent.json", "briefUrl": "https://openagent3.xyz/skills/shieldcortex/agent.md" } } ``` ## Documentation ### ShieldCortex — Persistent Memory & Security for AI Agents Give your agent a brain that persists between sessions and protect it from memory poisoning attacks. ### Safety & Scope This skill documents a local memory/security tool. It does not auto-install packages or silently execute shell commands. Any install command shown here is a manual setup step for the user to approve and run explicitly. Local ShieldCortex usage does not require credentials. API keys are optional and only needed for ShieldCortex Cloud. Only scan instruction files or other prompts when the user has named the path or clearly asked for that review. shieldcortex install writes local MCP configuration; it does not deploy a remote service or request background privileges. ### When to Use This Skill You want to remember things between sessions (decisions, preferences, architecture, context) You need to recall relevant past context at the start of a session You want knowledge graph extraction from memories (entities, relationships) You need to protect memory from prompt injection or poisoning attacks You want credential leak detection in memory writes You want to audit what has been stored in and retrieved from memory You want to scan instruction files (SKILL.md, .cursorrules, CLAUDE.md) for threats ### Setup Install the npm package globally, then configure the MCP server, only when the user explicitly wants ShieldCortex enabled: npm install -g shieldcortex shieldcortex install Python SDK also available: pip install shieldcortex ### Session Start At the start of every session, retrieve prior context: Call start_session to begin a new session and get relevant memories Or call get_context with a query describing the current task ### Remembering Call remember immediately when any of these happen: Architecture decisions — "We're using PostgreSQL for the database" Bug fixes — capture root cause and solution User preferences — "Always use TypeScript strict mode" Completed features — what was built and why Error resolutions — what broke and how it was fixed Project context — tech stack, key patterns, file structure Parameters: title (required): Short summary content (required): Detailed information category: architecture, pattern, preference, error, context, learning, todo, note importance: low, normal, high, critical project: Scope to a specific project (auto-detected if omitted) tags: Array of tags for categorisation ### Recalling Call recall to search for past memories: mode: "search" — query-based semantic search (default) mode: "recent" — most recent memories mode: "important" — highest-salience memories Filter by category, tags, project, or type (short_term, long_term, episodic). ### Forgetting Call forget to remove outdated or incorrect memories: Delete by id for a specific memory Delete by query to match content Always use dryRun: true first to preview what will be deleted Use confirm: true for bulk deletions ### Session End Call end_session with a summary to trigger memory consolidation. This promotes short-term memories to long-term and runs decay on old, unaccessed memories. ### Knowledge Graph ShieldCortex automatically extracts entities and relationships from memories. graph_query — traverse from an entity, returns connected entities up to N hops graph_entities — list known entities, filter by type (person, tool, concept, file, language, service, pattern) graph_explain — find the path connecting two entities Use the knowledge graph to understand relationships between concepts, technologies, and decisions across the project. ### Memory Intelligence consolidate — merge duplicate/similar memories, run decay. Use dryRun: true to preview detect_contradictions — find conflicting memories (e.g., "use Redis" vs "don't use Redis") get_related — find memories connected to a specific memory ID link_memories — create explicit relationships (references, extends, contradicts, related) memory_stats — view total counts, category breakdown, decay stats ### Security & Defence Every memory write passes through a 6-layer defence pipeline: Input Sanitisation — strips control characters and null bytes Pattern Detection — regex matching for known injection patterns Semantic Analysis — embedding similarity to attack corpus Structural Validation — JSON/format integrity checks Behavioural Scoring — anomaly detection over time Credential Leak Detection — blocks API keys, tokens, private keys (25+ patterns, 11 providers) ### Iron Dome Behavioural security layer that controls what agents can do, not just what they remember: iron_dome_activate — activate with a profile: school, enterprise, personal, or paranoid iron_dome_status — check active profile, trusted channels, and approval rules iron_dome_check — gate an action (e.g., send_email, delete_file) before execution iron_dome_scan — scan text for prompt injection patterns Profiles control action gates (what actions require approval), channel trust (which instruction sources are trusted), and approval rules. ### Security Tools audit_query — query the forensic audit log of all memory operations defence_stats — view defence system statistics (blocks, allows, quarantines) quarantine_review — review and manage quarantined memories (list, approve, reject) scan_memories — scan existing memories for signs of poisoning scan_skill — scan an instruction file for hidden threats (SKILL.md, .cursorrules, CLAUDE.md, etc.) ### Universal Memory Bridge ShieldCortex can act as a security layer for any memory backend — not just its own. Use ShieldCortexGuardedMemoryBridge to wrap any memory system with the full defence pipeline: import { ShieldCortexGuardedMemoryBridge, MarkdownMemoryBackend } from 'shieldcortex'; const bridge = new ShieldCortexGuardedMemoryBridge({ backend: new MarkdownMemoryBackend('~/.my-memories/'), }); // All writes pass through the 6-layer defence pipeline await bridge.write({ title: 'Decision', content: 'Use PostgreSQL' }); Built-in backends: MarkdownMemoryBackend, OpenClawMarkdownBackend. Implement the backend interface for custom storage. ShieldCortex does not auto-discover remote backends or obtain their credentials; the host application must wire that in explicitly. ### Project Scoping set_project — switch active project context get_project — show current project scope Use project: "*" for global/cross-project memories ### Best Practices Remember immediately — call remember right after a decision is made or a bug is fixed, not at the end of the session Use categories — architecture, pattern, preference, error, context, learning Set importance — mark critical decisions as importance: "critical" so they resist decay Recall at session start — always call get_context or start_session first End sessions properly — call end_session with a summary to trigger consolidation Review contradictions — periodically run detect_contradictions to catch conflicting information Scope by project — memories are automatically scoped to the current project directory ### Troubleshooting Memory not found in recall: Try mode: "search" with different query phrasing Check set_project — you may be searching the wrong project scope Use includeDecayed: true to find memories that have faded Memory blocked by firewall: The defence pipeline detected a potential threat (injection, credential leak) Check audit_query for the specific block reason Review with quarantine_review if it was a false positive Avoid including literal API keys or tokens in memory content Consolidation removing memories: Run consolidate with dryRun: true first to preview Mark important memories as importance: "critical" to prevent decay Access memories regularly — recall boosts activation and prevents decay ### OpenClaw Auto-Memory When using the OpenClaw hook, auto-memory extraction is off by default. Enable it to automatically extract memories from session output: shieldcortex config --openclaw-auto-memory When enabled, the system deduplicates against recent memories to avoid storing duplicates. Configure with: openclawAutoMemory — enable/disable (default: false) openclawAutoMemoryDedupe — deduplicate against existing memories (default: true) openclawAutoMemoryNoveltyThreshold — similarity threshold for deduplication (default: 0.88) openclawAutoMemoryMaxRecent — number of recent memories to check (default: 300) ### Links npm: https://www.npmjs.com/package/shieldcortex PyPI: https://pypi.org/project/shieldcortex GitHub: https://github.com/Drakon-Systems-Ltd/ShieldCortex Website: https://shieldcortex.ai ## Trust - Source: tencent - Verification: Indexed source record - Publisher: jarvis-drakon - Version: 3.4.4 ## Source health - Status: healthy - Item download looks usable. - Yavira can redirect you to the upstream package for this item. - Health scope: item - Reason: direct_download_ok - Checked at: 2026-04-29T15:23:08.660Z - Expires at: 2026-05-06T15:23:08.660Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/shieldcortex) - [Send to Agent page](https://openagent3.xyz/skills/shieldcortex/agent) - [JSON manifest](https://openagent3.xyz/skills/shieldcortex/agent.json) - [Markdown brief](https://openagent3.xyz/skills/shieldcortex/agent.md) - [Download page](https://openagent3.xyz/downloads/shieldcortex)