ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AOI Sandbox Shield (Lite)

Creates snapshots of critical config files, validates JSON configs for syntax and keys, and generates audit logs without applying changes.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 566 · 0 current installs · 0 all-time installs
by@edmonddantesj
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description promise snapshot + JSON validation and the code implements that: it reads specific files under the user's ~/.openclaw workspace, computes SHA-256 hashes, copies present files into a snapshot directory, and validates a provided JSON config for required keys. There are no extraneous service credentials, network calls, or unrelated binaries required by the implementation.
Instruction Scope
SKILL.md instructs running node skill.js for snapshot and validate-config; the code implements only local reads and writes under the user's home workspace and prints JSON to stdout. Minor note: SKILL.md doesn't explicitly state where snapshots are stored (the code creates ~/.openclaw/workspace/.sandbox_snapshots_lite), so users should expect on-disk snapshots in that location.
Install Mechanism
No install spec; instruction-only usage plus a single JS file. No external downloads or package installs are performed. The skill requires a Node runtime to run (SKILL.md examples use node), but the registry metadata did not list 'node' under required binaries — this is a small metadata mismatch but not malicious.
Credentials
The skill declares no required environment variables or credentials and indeed accesses only filesystem paths under the user's home. It does not request or read unrelated environment variables or secrets.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide agent configuration. It writes snapshot files into a subdirectory of the user's workspace (~/.openclaw/workspace/.sandbox_snapshots_lite), which is within its stated scope.
Assessment
This skill appears to do what it claims: create local snapshots of files in your OpenClaw workspace and validate a JSON config, and it does not contact external endpoints or ask for credentials. Before installing, verify you are comfortable with files being copied into ~/.openclaw/workspace/.sandbox_snapshots_lite (check ownership and permissions), ensure you have a Node runtime available (SKILL.md shows running with 'node'), and review snapshot contents before sharing them (they include file contents' hashes and copies of files such as AGENTS.md, SOUL.md, etc., which could contain sensitive data). Also note the registry metadata omits 'node' under required binaries and the skill's source/homepage in the manifest is minimal — if provenance is important, verify the GitHub/ClawHub links in SKILL.md and confirm you trust that publisher.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.1.2
Download zip
latestvk975njtn4papz910bqx5k934vd816h9k

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

AOI Sandbox Shield (Lite)

S-DNA: AOI-2026-0215-SDNA-SS02

What this is

A public-safe subset of “sandbox shield” focused on:

  • creating snapshots of critical workspace/config files
  • validating JSON config files (syntax + required keys)
  • producing an audit log artifact you can attach to release notes

What this is NOT (by design)

  • Does not apply configs
  • Does not restart gateways
  • Does not modify cron
  • Does not send messages externally

Commands

Create snapshot

node skill.js snapshot --reason="before publishing"

Validate config JSON (syntax + required keys)

node skill.js validate-config --path="$HOME/.openclaw/openclaw.json"

Output

All commands print JSON to stdout for easy logging.

Release governance (public)

We publish AOI skills for free and keep improving them. Every release must pass our Security Gate and include an auditable changelog. We do not ship updates that weaken security or licensing clarity. Repeated violations trigger progressive restrictions (warnings → publish pause → archive).

Support

Links

License

MIT (AOI original).

Files

4 total
Select a file
Select a file to preview.

Comments

Loading comments…