Yabbie Net

v0.2.0

A safety net for AI agents. Catches unsafe tool calls before they execute.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Benign (medium confidence)
Purpose & Capability
The name/description (proxy safety net) matches the instructions: route MCP servers through an intercepting proxy, apply local deny-rules, optionally forward truncated summaries to an external judge. The optional ANTHROPIC_API_KEY is explicitly required only for tier2, which is consistent.
Instruction Scope
The SKILL.md stays within its stated scope (intercepting tool calls, local tier1 checks, optional tier2 external judgement). It instructs changing openclaw.json to route MCP servers, creating yabbie.yaml, and reading/writing local audit logs (.yabbie/audit.jsonl). Note: enabling tier2 will send truncated tool metadata and taskContext externally (Anthropic or local Ollama) — this is documented but is an expansion of scope that the user must opt into.
Install Mechanism
The skill is instruction-only and instructs installing yabbie-net via npm/npx. npm is a common package host, but the SKILL.md does not include the package code for review. This is coherent with the purpose but raises supply-chain risk because installing external packages executes third-party code outside the skill bundle.
Credentials
Only an optional ANTHROPIC_API_KEY is referenced and only required if tier2 (opt-in) is enabled. No other credentials or config paths are requested, which is proportionate to the described functionality.
Persistence & Privilege
The skill does not request always:true or other elevated platform privileges. It instructs modifying your project's openclaw.json (expected for a proxy) and writes local audit logs; these are reasonable for a proxy tool.
Assessment
This SKILL.md is internally coherent, but it only points to an npm package (yabbie-net) — the registry package is the actual code that will run. Before installing:

- Inspect the package and GitHub repository (package.json, proxy implementation) to ensure code matches claims. Verify the GitHub repo and package owner identity.
- Prefer project-scoped install and pin the exact version (npm install yabbie-net@0.2.0) rather than a floating tag or global install.
- Run the proxy in a sandbox/test environment first to observe behavior and audit logs (.yabbie/audit.jsonl). Check file permissions on the audit log so it doesn't leak sensitive data.
- Keep tier2 disabled unless you trust the external judge; if you enable tier2, understand that truncated tool metadata and your taskContext will be sent to the configured provider and that an API key (ANTHROPIC_API_KEY) is required for Anthropic.
- If you rely on this for security, perform an independent code audit or use a vetted binary/build from a release channel; consider reproducible builds or verifying the npm package integrity.

If you want, I can fetch and summarize the yabbie-net repository (package.json, README, proxy code) so you can make a more informed decision — note that requires network access and the actual package source to be available.

Like a lobster shell, security has layers — review code before you run it.

Tags: guardrails, latest, mcp, safety, security

Runtime requirements

Environment variables
ANTHROPIC_API_KEY (optional): Required ONLY if tier2 AI judge is enabled with provider "anthropic". Not needed for tier1-only mode.
