soul-guardian
v0.0.2Drift detection + baseline integrity guard for agent workspace files with automatic alerting support
⭐ 1· 2.8k·27 current·31 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (drift detection + baseline integrity) matches the included scripts and CLI semantics. Required binary is only python3 and there are no unrelated env vars or secret requirements. The skill legitimately needs local filesystem access and state storage, which is what it requests.
Instruction Scope
Runtime instructions tell the agent to run the included Python scripts against the workspace and (optionally) an external state dir, to add a heartbeat check, and to relay alert output to the user. This is within the stated purpose. Note: the SKILL instructs creating and copying snapshots/patches/quarantined copies (which can include sensitive prompt/instruction files) and recommends moving the state dir outside the workspace; the agent will read and write workspace files and the state dir as part of normal operation.
Install Mechanism
There is no remote install (no downloads or external packages); the package is instruction- and script-based and depends only on Python standard libs. All code is present in the skill bundle. No URL-based installs or archives are used.
Credentials
The skill requests no environment variables or credentials. The only sensitive surface is the state directory which holds approved snapshots, patches, quarantined copies and the audit log — this is necessary for function but should be protected (file perms, offsite backup) because it may contain sensitive prompt/instruction files.
Persistence & Privilege
The skill is not set always:true and uses normal user-invocable/autonomous invocation. It optionally assists installing a user-level launchd job (when the user runs the installer) — that is expected for scheduled checks. The onboarding helper can delete in-workspace state when run with --move; that behavior is documented and should be used cautiously.
Assessment
This skill appears to do exactly what it claims: local drift detection, creating diffs/patches, maintaining an append-only audit log, and optionally auto-restoring critical files. Before installing: 1) Review/initialize baselines carefully — if your approved snapshots are wrong, auto-restore will overwrite files. 2) Prefer an external state directory (outside the workspace) and set restrictive permissions (chmod 700) because the state dir stores approved snapshots, diffs, and quarantined copies that may contain sensitive prompts. 3) Be careful with the onboarding --move flag (it will delete the in-workspace state after copying). 4) Installing the launchd plist (or other scheduler) will create a user-level background job that runs the script; inspect the generated plist before bootstraping. 5) If an attacker can modify both workspace and the state dir, this tool cannot protect you — keep backups/offsite copies of the state. If you want, test the scripts in a temporary workspace first (the repo includes a test script) to verify behavior.Like a lobster shell, security has layers — review code before you run it.
latestvk97d4kmcrpqpqxg356hty9ndtn80ntak
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
👻 Clawdis