{
  "schemaVersion": "1.0",
  "item": {
    "slug": "skill-guard",
    "name": "skill-guard",
    "source": "tencent",
    "type": "skill",
    "category": "开发工具",
    "sourceUrl": "https://clawhub.ai/jamesOuttake/skill-guard",
    "canonicalUrl": "https://clawhub.ai/jamesOuttake/skill-guard",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadMode": "redirect",
    "downloadUrl": "/downloads/skill-guard",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=skill-guard",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "installMethod": "Manual import",
    "extraction": "Extract archive",
    "prerequisites": [
      "OpenClaw"
    ],
    "packageFormat": "ZIP package",
    "includedAssets": [
      "SKILL.md",
      "scripts/safe-install.sh"
    ],
    "primaryDoc": "SKILL.md",
    "quickSetup": [
      "Download the package from Yavira.",
      "Extract the archive and review SKILL.md first.",
      "Import or place the package into your OpenClaw setup."
    ],
    "agentAssist": {
      "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
      "steps": [
        "Download the package from Yavira.",
        "Extract it into a folder your agent can access.",
        "Paste one of the prompts below and point your agent at the extracted folder."
      ],
      "prompts": [
        {
          "label": "New install",
          "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete."
        },
        {
          "label": "Upgrade existing",
          "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run."
        }
      ]
    },
    "sourceHealth": {
      "source": "tencent",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-05-07T17:22:31.273Z",
      "expiresAt": "2026-05-14T17:22:31.273Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-annual-report",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-annual-report",
        "contentDisposition": "attachment; filename=\"afrexai-annual-report-1.0.0.zip\"",
        "redirectLocation": null,
        "bodySnippet": null
      },
      "scope": "source",
      "summary": "Source download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this source.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/skill-guard"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    },
    "downloadPageUrl": "https://openagent3.xyz/downloads/skill-guard",
    "agentPageUrl": "https://openagent3.xyz/skills/skill-guard/agent",
    "manifestUrl": "https://openagent3.xyz/skills/skill-guard/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/skill-guard/agent.md"
  },
  "agentAssist": {
    "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
    "steps": [
      "Download the package from Yavira.",
      "Extract it into a folder your agent can access.",
      "Paste one of the prompts below and point your agent at the extracted folder."
    ],
    "prompts": [
      {
        "label": "New install",
        "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete."
      },
      {
        "label": "Upgrade existing",
        "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run."
      }
    ]
  },
  "documentation": {
    "source": "clawhub",
    "primaryDoc": "SKILL.md",
    "sections": [
      {
        "title": "skill-guard",
        "body": "The only pre-install security gate for ClawHub skills."
      },
      {
        "title": "Why skill-guard?",
        "body": "VirusTotal (ClawHub built-in)skillscanner (Gen Digital)skill-guardWhen it runsAfter publish (server-side)On-demand lookupBefore install (client-side)What it checksMalware signaturesTheir databaseActual skill contentPrompt injections❌❌✅Data exfiltration URLs❌❌✅Hidden instructions❌❌✅AI-specific threats❌❌✅Install blocking❌❌✅\n\nVirusTotal catches known malware binaries — but won't flag <!-- IGNORE PREVIOUS INSTRUCTIONS -->.\n\nskillscanner checks if Gen Digital has reviewed it — but can't scan new or updated skills.\n\nskill-guard uses mcp-scan (Invariant Labs, acquired by Snyk) to analyze what's actually in the skill, catches AI-specific threats, and blocks install if issues are found."
      },
      {
        "title": "The Problem",
        "body": "Skills can contain:\n\n🎭 Prompt injections — hidden \"ignore previous instructions\" attacks\n💀 Malware payloads — dangerous commands disguised in natural language\n🔑 Hardcoded secrets — API keys, tokens in plain text\n📤 Data exfiltration — URLs that leak your conversations, memory, files\n⛓️ Toxic flows — instructions that chain into harmful actions\n\nOne bad skill = compromised agent. Your agent trusts skills implicitly."
      },
      {
        "title": "The Solution",
        "body": "# Instead of: clawhub install some-skill\n./scripts/safe-install.sh some-skill\n\nskill-guard:\n\nDownloads to staging (/tmp/) — never touches your real skills folder\nScans with mcp-scan — Invariant/Snyk's security scanner for AI agents\nBlocks or installs — clean skills get installed, threats get quarantined"
      },
      {
        "title": "What It Catches",
        "body": "Real example — skill-guard flagged this malicious skill:\n\n● [E004]: Prompt injection detected (high risk)\n● [E006]: Malicious code pattern detected  \n● [W007]: Insecure credential handling\n● [W008]: Machine state compromise attempt\n● [W011]: Third-party content exposure\n\nVirusTotal: 0/76 engines. mcp-scan caught what antivirus missed."
      },
      {
        "title": "Usage",
        "body": "# Secure install (recommended)\n./scripts/safe-install.sh <skill-slug>\n\n# With version\n./scripts/safe-install.sh <skill-slug> --version 1.2.3\n\n# Force overwrite\n./scripts/safe-install.sh <skill-slug> --force"
      },
      {
        "title": "Exit Codes",
        "body": "CodeMeaningAction0CleanSkill installed ✓1ErrorCheck dependencies/network2Threats foundSkill quarantined in /tmp/, review before deciding"
      },
      {
        "title": "When Threats Are Found",
        "body": "Skill stays in /tmp/skill-guard-staging/skills/<slug>/ (quarantined). You can:\n\nReview — read the scan output, inspect the files\nInstall anyway — mv /tmp/skill-guard-staging/skills/<slug> ~/.openclaw/workspace/skills/\nDiscard — rm -rf /tmp/skill-guard-staging/"
      },
      {
        "title": "Requirements",
        "body": "clawhub CLI — npm i -g clawhub\nuv — curl -LsSf https://astral.sh/uv/install.sh | sh"
      },
      {
        "title": "Why This Matters",
        "body": "Your agent has access to your files, messages, maybe your whole machine. One malicious skill can:\n\nRead your secrets and send them elsewhere\nModify your agent's behavior permanently\nUse your identity to spread to other systems\n\nTrust, but verify. Scan before you install."
      }
    ],
    "body": "skill-guard\n\nThe only pre-install security gate for ClawHub skills.\n\nWhy skill-guard?\n\tVirusTotal (ClawHub built-in)\tskillscanner (Gen Digital)\tskill-guard\nWhen it runs\tAfter publish (server-side)\tOn-demand lookup\tBefore install (client-side)\nWhat it checks\tMalware signatures\tTheir database\tActual skill content\nPrompt injections\t❌\t❌\t✅\nData exfiltration URLs\t❌\t❌\t✅\nHidden instructions\t❌\t❌\t✅\nAI-specific threats\t❌\t❌\t✅\nInstall blocking\t❌\t❌\t✅\n\nVirusTotal catches known malware binaries — but won't flag <!-- IGNORE PREVIOUS INSTRUCTIONS -->.\n\nskillscanner checks if Gen Digital has reviewed it — but can't scan new or updated skills.\n\nskill-guard uses mcp-scan (Invariant Labs, acquired by Snyk) to analyze what's actually in the skill, catches AI-specific threats, and blocks install if issues are found.\n\nThe Problem\n\nSkills can contain:\n\n🎭 Prompt injections — hidden \"ignore previous instructions\" attacks\n💀 Malware payloads — dangerous commands disguised in natural language\n🔑 Hardcoded secrets — API keys, tokens in plain text\n📤 Data exfiltration — URLs that leak your conversations, memory, files\n⛓️ Toxic flows — instructions that chain into harmful actions\n\nOne bad skill = compromised agent. Your agent trusts skills implicitly.\n\nThe Solution\n# Instead of: clawhub install some-skill\n./scripts/safe-install.sh some-skill\n\n\nskill-guard:\n\nDownloads to staging (/tmp/) — never touches your real skills folder\nScans with mcp-scan — Invariant/Snyk's security scanner for AI agents\nBlocks or installs — clean skills get installed, threats get quarantined\nWhat It Catches\n\nReal example — skill-guard flagged this malicious skill:\n\n● [E004]: Prompt injection detected (high risk)\n● [E006]: Malicious code pattern detected  \n● [W007]: Insecure credential handling\n● [W008]: Machine state compromise attempt\n● [W011]: Third-party content exposure\n\n\nVirusTotal: 0/76 engines. mcp-scan caught what antivirus missed.\n\nUsage\n# Secure install (recommended)\n./scripts/safe-install.sh <skill-slug>\n\n# With version\n./scripts/safe-install.sh <skill-slug> --version 1.2.3\n\n# Force overwrite\n./scripts/safe-install.sh <skill-slug> --force\n\nExit Codes\nCode\tMeaning\tAction\n0\tClean\tSkill installed ✓\n1\tError\tCheck dependencies/network\n2\tThreats found\tSkill quarantined in /tmp/, review before deciding\nWhen Threats Are Found\n\nSkill stays in /tmp/skill-guard-staging/skills/<slug>/ (quarantined). You can:\n\nReview — read the scan output, inspect the files\nInstall anyway — mv /tmp/skill-guard-staging/skills/<slug> ~/.openclaw/workspace/skills/\nDiscard — rm -rf /tmp/skill-guard-staging/\nRequirements\nclawhub CLI — npm i -g clawhub\nuv — curl -LsSf https://astral.sh/uv/install.sh | sh\nWhy This Matters\n\nYour agent has access to your files, messages, maybe your whole machine. One malicious skill can:\n\nRead your secrets and send them elsewhere\nModify your agent's behavior permanently\nUse your identity to spread to other systems\n\nTrust, but verify. Scan before you install."
  },
  "trust": {
    "sourceLabel": "tencent",
    "provenanceUrl": "https://clawhub.ai/jamesOuttake/skill-guard",
    "publisherUrl": "https://clawhub.ai/jamesOuttake/skill-guard",
    "owner": "jamesOuttake",
    "version": "1.0.2",
    "license": null,
    "verificationStatus": "Indexed source record"
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/skill-guard",
    "downloadUrl": "https://openagent3.xyz/downloads/skill-guard",
    "agentUrl": "https://openagent3.xyz/skills/skill-guard/agent",
    "manifestUrl": "https://openagent3.xyz/skills/skill-guard/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/skill-guard/agent.md"
  }
}