SkillFence

Type: OpenClaw Skill Name: skillfence Version: 1.0.6 The OpenClaw SkillFence skill is a runtime security monitor designed to detect malicious behavior in other skills. Its code (`monitor.js`) and documentation (`SKILL.md`, `README.md`) consistently describe a tool that performs system introspection (process monitoring, network connection analysis, file access timestamp checks) and code scanning of other skills. Crucially, the skill explicitly claims and the code verifies that it is 'read-only' (only modifying its own state/log files, not other system files or credentials' contents) and 'never makes outbound network requests'. The use of `execSync` for system commands (like `ps aux`, `lsof`, `ss`) and `fs.readFileSync` for scanning other skill files are necessary for its stated security purpose. Prompt injection instructions in `SKILL.md` guide the AI agent to perform security monitoring and transparently report findings, not to subvert its function or hide actions. There is no evidence of intentional harmful behavior such as data exfiltration, persistence, or unauthorized remote control.