Rules of the Claw

Review

Audited by ClawScan on May 10, 2026.

Overview

Prompt-injection indicators were detected in the submitted artifacts (ignore-previous-instructions); human review is required before treating this skill as clean.

This skill looks benign and purpose-aligned for installing Guardian safety rules. Before installing, review the shell script and rules JSON, confirm the source because registry provenance is limited, understand that it replaces Guardian's persistent rules file, and keep the backup so you can restore prior behavior if needed. ClawScan detected prompt-injection indicators (ignore-previous-instructions), so this skill requires review even though the model response was benign.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Users need to verify the included installer and rules file themselves before trusting it to modify Guardian behavior.

Why it was flagged

The registry metadata has limited provenance and no install spec even though a shell installer is included and documented.

Skill content

Source: unknown; Homepage: none; Install specifications: No install spec — this is an instruction-only skill; Code file presence: install.sh

Recommendation

Confirm the intended repository/source, inspect install.sh and the rules JSON, and verify local requirements before running the installer.

What this means

Running the script can modify files in the user's OpenClaw configuration.

Why it was flagged

The skill asks the user to execute a local shell script. The provided script is purpose-aligned, but it runs with the user's local permissions.

Skill content

# Step 3: Run the install script
cd ~/.openclaw/workspace/skills/rules-of-the-claw
bash install.sh

Recommendation

Run the installer only after reviewing it, and execute it manually rather than letting an agent run it without confirmation.

What this means

Future OpenClaw/Guardian sessions may block commands according to this ruleset until the file is edited or restored from backup.

Why it was flagged

The installer replaces Guardian's rules file, creating persistent enforcement rules that affect future agent tool use.

Skill content

GUARDIAN_DIR="${HOME}/.openclaw/extensions/guardian"
RULES_FILE="${GUARDIAN_DIR}/guardian-rules.json"
...
cp "${SOURCE_RULES}" "${RULES_FILE}"

Recommendation

Review the installed rules, customize placeholders such as YOUR_APP/YOUR_ORG, and keep the generated backup if you may need to roll back.