Runtime Monitor

v1.0.0

AI agent runtime I/O security monitoring - detects prompt injection, data exfiltration, and dangerous commands

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description (runtime I/O security monitoring) align with the code: the Python module implements regex-based detection for prompt injection, data exfiltration patterns, and dangerous commands. The skill does not request unrelated credentials, binaries, or config paths.
Instruction Scope
SKILL.md and README show simple integration examples (import RuntimeMonitor; call monitor.detect or monitor.monitor). There is a minor mismatch in method names between SKILL.md and README which may reflect outdated docs vs code; otherwise instructions stay within the described monitoring scope and do not direct the agent to read unrelated system files or external endpoints. The monitor will necessarily inspect any text passed to it (including secrets), and the code logs warnings and includes raw_input (truncated to 500 chars) in DetectionResult — consider this when sending sensitive data to the monitor.
Install Mechanism
No install spec and no external downloads; the skill is distributed as a Python source file only. No package installation or remote code fetches were specified.
Credentials
The skill declares no required environment variables, credentials, or config paths. The presence of regexes that detect API keys, AWS keys, GitHub tokens, etc. is appropriate for a data-exfiltration detector and does not imply the skill itself requests those secrets.
Persistence & Privilege
always is false; the skill does not request persistent or privileged installation, and there is no evidence it modifies other skills or global agent settings. Logging is used, but no file- or network-based persistence is visible in the provided code fragment.
Assessment
This skill appears to do what it says: regex-based runtime monitoring for prompt injection, secrets, and risky commands. Before installing:
- Verify the actual public API/method names in runtime_monitor.py match SKILL.md/README (there are inconsistent call examples).
- Review the remainder of runtime_monitor.py (file was truncated in the listing) to confirm there are no network calls, telemetry, or file writes not shown here.
- Be aware the monitor will inspect any text you pass it (including secrets); logs include a truncated raw_input field. Configure logging/sanitization to avoid accidentally persisting sensitive data (or scrub inputs before sending to the monitor).
- Run initially in a restricted or test environment and audit its outputs to ensure detection rules and logging behavior meet your privacy and operational requirements.

Like a lobster shell, security has layers — review code before you run it.
