Symbiont
v1.1.0
Zero-trust AI agent governance for OpenClaw. Adds ORGA runtime, Cedar policy enforcement, SchemaPin tool verification, ClawHavoc skill scanning, and cryptogr...
by Jascha @jaschadub
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign, high confidence
Purpose & Capability
Name/description (zero‑trust governance, Cedar, SchemaPin, ClawHavoc) match the included artifacts: SKILL.md describes governance workflows and the repo includes a scanner (clawhavoc-scan.sh), a policy guard (policy-guard.sh), references to SchemaPin and Cedar, and a Homebrew install of the symbi runtime. Nothing in the manifest asks for unrelated credentials, binaries, or config paths.
Instruction Scope
SKILL.md instructions focus on scaffolding governance files, writing/validating Cedar policies, verifying MCP tools via symbi if available, scanning skills locally, and querying local audit logs. The included scripts operate on local files and produce local JSONL audit entries; they do not contact external endpoints or instruct the agent to read unrelated system secrets.
Install Mechanism
Install uses a Homebrew formula (symbi) from a third‑party tap (thirdkeyai/tap). This is proportionate to the skill's stated need for the symbi runtime, but third‑party Homebrew taps are a moderate trust surface — users should validate the tap/formula source before installing on sensitive systems.
Credentials
The skill requires only jq (declared) and no environment variables or credentials. Scripts intentionally check for and avoid accessing deny-listed paths (.env, .ssh, .aws, etc.) and log to a local .symbiont/audit directory. There are no unexplained SECRET/TOKEN/PASSWORD requirements.
Persistence & Privilege
The skill does not request always:true, does not change other skills' configs, and only writes its own .symbiont/ scaffold and audit logs in the working directory. Autonomous invocation is allowed (platform default) but is not combined with broad, unexplained privileges here.
Assessment
This package appears to be internally consistent with its governance purpose, but before installing: (1) verify the Homebrew tap/formula (thirdkeyai/tap) and review its source (brew formula may pull code), (2) inspect the scripts yourself — they are simple shell scanners and a policy guard that write local audit logs (.symbiont/audit/tool-usage.jsonl) and do not exfiltrate data, (3) ensure jq is present as declared, and (4) if you plan to use it in production or on sensitive hosts, run the scanner (clawhavoc-scan.sh) and review the symbi binary source or use a vetted release (e.g., GitHub releases or a container) before giving it any elevated privileges.
Like a lobster shell, security has layers — review code before you run it.
latest vk973hbdnawzgxqsehmeq2mkf6x83dk42
Runtime requirements
🛡️ Clawdis
Bins: jq
Install
Install symbi (Homebrew)
Bins: symbi
brew install thirdkeyai/tap/symbi