{
  "schemaVersion": "1.0",
  "item": {
    "slug": "zugashield",
    "name": "ZugaShield Security Scanner",
    "source": "tencent",
    "type": "skill",
    "category": "开发工具",
    "sourceUrl": "https://clawhub.ai/Zuga-luga/zugashield",
    "canonicalUrl": "https://clawhub.ai/Zuga-luga/zugashield",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadMode": "redirect",
    "downloadUrl": "/downloads/zugashield",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=zugashield",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "installMethod": "Manual import",
    "extraction": "Extract archive",
    "prerequisites": [
      "OpenClaw"
    ],
    "packageFormat": "ZIP package",
    "includedAssets": [
      "openclaw.plugin.json",
      "package-lock.json",
      "package.json",
      "README.md",
      "SKILL.md",
      "src/commands/report.ts"
    ],
    "primaryDoc": "SKILL.md",
    "quickSetup": [
      "Download the package from Yavira.",
      "Extract the archive and review SKILL.md first.",
      "Import or place the package into your OpenClaw setup."
    ],
    "agentAssist": {
      "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
      "steps": [
        "Download the package from Yavira.",
        "Extract it into a folder your agent can access.",
        "Paste one of the prompts below and point your agent at the extracted folder."
      ],
      "prompts": [
        {
          "label": "New install",
          "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete."
        },
        {
          "label": "Upgrade existing",
          "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run."
        }
      ]
    },
    "sourceHealth": {
      "source": "tencent",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-05-07T17:22:31.273Z",
      "expiresAt": "2026-05-14T17:22:31.273Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-annual-report",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-annual-report",
        "contentDisposition": "attachment; filename=\"afrexai-annual-report-1.0.0.zip\"",
        "redirectLocation": null,
        "bodySnippet": null
      },
      "scope": "source",
      "summary": "Source download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this source.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/zugashield"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    },
    "downloadPageUrl": "https://openagent3.xyz/downloads/zugashield",
    "agentPageUrl": "https://openagent3.xyz/skills/zugashield/agent",
    "manifestUrl": "https://openagent3.xyz/skills/zugashield/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/zugashield/agent.md"
  },
  "agentAssist": {
    "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
    "steps": [
      "Download the package from Yavira.",
      "Extract it into a folder your agent can access.",
      "Paste one of the prompts below and point your agent at the extracted folder."
    ],
    "prompts": [
      {
        "label": "New install",
        "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete."
      },
      {
        "label": "Upgrade existing",
        "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run."
      }
    ]
  },
  "documentation": {
    "source": "clawhub",
    "primaryDoc": "SKILL.md",
    "sections": [
      {
        "title": "ZugaShield Security Scanner",
        "body": "7-layer AI security scanning plugin for OpenClaw. Protects all channels simultaneously by hooking into the Gateway — the single chokepoint for all traffic."
      },
      {
        "title": "What It Blocks",
        "body": "AttackHookDetectionPrompt injectionpreRequest150+ signatures, unicode smuggling, encoding evasionSSRF / Command injectionpreToolExecutionCloud metadata URLs, shell metacharacters (always fail-closed)Secret / PII leakagepreResponseAPI keys, tokens, credentials, high-entropy stringsMemory poisoningpreRecallEmbedded instructions, sleeper payloads in recalled memoriesDNS exfiltrationpreResponseHigh-entropy subdomains, data-in-DNS patternsPath traversalpreToolExecutionDirectory traversal sequences, symlink attacks"
      },
      {
        "title": "Install",
        "body": "pip install \"zugashield[mcp]\"\nnpm install zugashield-openclaw-plugin\nopenclaw plugins install ./node_modules/zugashield-openclaw-plugin\nopenclaw restart"
      },
      {
        "title": "Verify",
        "body": "/shield status\n\nShould show: CONNECTED with 7 active layers."
      },
      {
        "title": "Configuration",
        "body": "In openclaw.json under plugins.entries.openclaw-plugin.config:\n\nfail_closed (default: true) — Block requests when scanner is down\nstrict_mode (default: false) — Block medium+ threats (not just high/critical)\nscan.inputs / scan.outputs / scan.tool_calls / scan.memory — Toggle individual hooks"
      },
      {
        "title": "How It Works",
        "body": "ZugaShield spawns a Python MCP server as a managed child process. Each message, tool call, and response passes through the scanner in <15ms. The plugin uses OpenClaw's Gateway hooks, meaning one install protects Signal + Telegram + Discord + WhatsApp + web simultaneously.\n\nTool calls are always fail-closed regardless of configuration — SSRF and command injection are too dangerous to allow through even temporarily."
      },
      {
        "title": "Links",
        "body": "GitHub\nnpm\nPyPI"
      }
    ],
    "body": "ZugaShield Security Scanner\n\n7-layer AI security scanning plugin for OpenClaw. Protects all channels simultaneously by hooking into the Gateway — the single chokepoint for all traffic.\n\nWhat It Blocks\nAttack\tHook\tDetection\nPrompt injection\tpreRequest\t150+ signatures, unicode smuggling, encoding evasion\nSSRF / Command injection\tpreToolExecution\tCloud metadata URLs, shell metacharacters (always fail-closed)\nSecret / PII leakage\tpreResponse\tAPI keys, tokens, credentials, high-entropy strings\nMemory poisoning\tpreRecall\tEmbedded instructions, sleeper payloads in recalled memories\nDNS exfiltration\tpreResponse\tHigh-entropy subdomains, data-in-DNS patterns\nPath traversal\tpreToolExecution\tDirectory traversal sequences, symlink attacks\nInstall\npip install \"zugashield[mcp]\"\nnpm install zugashield-openclaw-plugin\nopenclaw plugins install ./node_modules/zugashield-openclaw-plugin\nopenclaw restart\n\nVerify\n/shield status\n\n\nShould show: CONNECTED with 7 active layers.\n\nConfiguration\n\nIn openclaw.json under plugins.entries.openclaw-plugin.config:\n\nfail_closed (default: true) — Block requests when scanner is down\nstrict_mode (default: false) — Block medium+ threats (not just high/critical)\nscan.inputs / scan.outputs / scan.tool_calls / scan.memory — Toggle individual hooks\nHow It Works\n\nZugaShield spawns a Python MCP server as a managed child process. Each message, tool call, and response passes through the scanner in <15ms. The plugin uses OpenClaw's Gateway hooks, meaning one install protects Signal + Telegram + Discord + WhatsApp + web simultaneously.\n\nTool calls are always fail-closed regardless of configuration — SSRF and command injection are too dangerous to allow through even temporarily.\n\nLinks\nGitHub\nnpm\nPyPI"
  },
  "trust": {
    "sourceLabel": "tencent",
    "provenanceUrl": "https://clawhub.ai/Zuga-luga/zugashield",
    "publisherUrl": "https://clawhub.ai/Zuga-luga/zugashield",
    "owner": "Zuga-luga",
    "version": "0.1.1",
    "license": null,
    "verificationStatus": "Indexed source record"
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/zugashield",
    "downloadUrl": "https://openagent3.xyz/downloads/zugashield",
    "agentUrl": "https://openagent3.xyz/skills/zugashield/agent",
    "manifestUrl": "https://openagent3.xyz/skills/zugashield/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/zugashield/agent.md"
  }
}