ClawHub

Agent Safety

v1.0.0

Outbound safety for autonomous AI agents — scans YOUR output before it leaves the machine. Git pre-commit hooks that automatically block commits containing A...

0· 721·1 current·1 all-time
by@compass-soul
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description claim outbound scanning and git-level enforcement; included scripts (pre-publish-scan.sh, install-hook.sh, health-check.sh) implement exactly that. No unrelated credentials, binaries, or install artifacts are requested. Reading OpenClaw workspace files and checking system state is consistent with the described health checks.
Instruction Scope
SKILL.md instructs running the provided scripts and installing the pre-commit hook. The scripts operate on staged files or the specified workspace and do not send scanned content to external endpoints. Health check runs local system queries (openclaw --version, npm view, softwareupdate, csrutil) — these are expected for version/update checks but are macOS-specific and may fail on other OSes.
Install Mechanism
No network download or extract install mechanism; this is an instruction-only skill with included scripts. install-hook.sh writes a repo-local .git/hooks/pre-commit file (intended behavior). There are no remote fetches of arbitrary code during install.
Credentials
The skill declares no required env vars or credentials. Scripts read files under $HOME/.openclaw/workspace and run local system commands; that access is coherent with the purpose of scanning workspace context and health-checking the system.
Persistence & Privilege
always:false and user-invocable: true. The only persistent change performed by the provided scripts is installation of a repo-local git pre-commit hook. The skill does not request global/system privileges or modify other skills' configs.
Assessment
This skill appears to do what it says: inspect the included scripts before use, and be aware that install-hook.sh will create/overwrite a .git/hooks/pre-commit file in any repo you point it at (it is repo-local but will block commits until pass or you use --no-verify). The scanner prints filenames and match categories but does not exfiltrate file contents. Note health-check uses macOS-specific tools (softwareupdate, csrutil, firewall utility) and runs npm/openclaw queries that may contact the network for version checks. Review the regex rules in pre-publish-scan.sh to confirm they match your expectations (may produce false positives/negatives) and test the hook on a safe repo before installing broadly. If you previously committed secrets, follow the skill's guidance to rotate them — the scanner cannot undo prior exposure.

Like a lobster shell, security has layers — review code before you run it.

autonomousvk97dqed45r2cajh9qpk6ca4efh819tehlatestvk97dqed45r2cajh9qpk6ca4efh819tehpii-scannervk97dqed45r2cajh9qpk6ca4efh819tehpre-commitvk97dqed45r2cajh9qpk6ca4efh819tehsafetyvk97dqed45r2cajh9qpk6ca4efh819tehsecurityvk97dqed45r2cajh9qpk6ca4efh819teh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments