MessageGuard
PassAudited by ClawScan on May 1, 2026.
Overview
MessageGuard appears to be a coherent protective outgoing-message filter, with disclosed caveats around message interception, optional local logging, and verifying the external clone source.
This skill looks appropriate for preventing accidental secret leaks, but review its configuration before use. Pay special attention to whether logging is enabled, where logs are stored, which channels or patterns bypass filtering, and whether the GitHub repository you clone matches the reviewed code.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Outgoing messages may be changed or stopped based on regex matches and configuration.
The skill is designed to control the outbound message path and may mask, warn, or block messages before sending. This is the stated protective purpose, but it affects user-visible communication.
The filter is a standalone Python script that acts as a **gate** between the agent's intent to send a message and the actual `message` tool call.
Review the configured mode, built-in patterns, allow-lists, and exit-code handling before integrating it into any automatic send workflow.
A user could install code from a repository they have not verified.
The installation guidance points users to an external GitHub repository rather than a declared install spec. The clone is user-directed, but users should verify the repository provenance before running the script.
Clone the repository: `git clone git@github.com:AndrewAndrewsen/MessageGuard.git`.
Confirm the repository owner, commit, and contents match the reviewed artifact before using the cloned code.
Local log files may reveal where sensitive data was detected and partial prefixes of secrets or personal data.
If logging is enabled, the skill persists channel information and snippets of detected sensitive values. This is disclosed and optional, but the log can still contain sensitive context.
Detection log format (`log_path`, JSONL): `{"ts": "2026-02-24T13:00:00Z", "channel": "discord_general", "blocked": true, "detections": [{"name": "jwt_token", "action": "block", "snippet": "eyJhbGc…"Keep detection logging disabled unless needed; if enabled, store logs in a protected location, restrict file permissions, and rotate or delete logs when no longer needed.