Praesidia

Pass

Audited by ClawScan on May 10, 2026.

Overview

Praesidia is a coherent instruction-only API integration, but it uses a Praesidia API key and can make provider-side guardrail changes when the user asks.

This skill appears purpose-aligned and instruction-only. Before installing, make sure you trust Praesidia and the configured API URL, use a scoped API key if possible, and confirm any guardrail changes because they can persist in your Praesidia organization.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone installing the skill needs to provide a Praesidia credential that may allow reading agent and guardrail data or performing permitted account actions.

Why it was flagged

The skill requires a Praesidia API key, which can authenticate API calls to the user's Praesidia account.

Skill content

metadata: {"openclaw":{"requires":{"env":["PRAESIDIA_API_KEY"]},"primaryEnv":"PRAESIDIA_API_KEY"}}

Recommendation

Use a least-privilege Praesidia key if available, keep it out of shared logs or prompts, and revoke it if the skill is no longer needed.

What this means

If invoked, the assistant can make persistent changes to guardrail settings in the user's Praesidia organization.

Why it was flagged

The skill documents a mutating API call that creates or enables guardrails for an agent.

Skill content

POST ${PRAESIDIA_API_URL}/organizations/{orgId}/guardrails ... "agentId": "agent-id", "template": "PII_DETECTION", ... "isEnabled": true

Recommendation

Before allowing a guardrail change, confirm the organization, agent ID, template, scope, action, and whether the change should be enabled immediately.

What this means

Text submitted for guardrail validation may contain sensitive or private information and will be sent to the configured provider endpoint.

Why it was flagged

The validation workflow sends user-provided content to the configured Praesidia API endpoint.

Skill content

POST ${PRAESIDIA_API_URL}/organizations/{orgId}/guardrails/validate ... { "content": "Text to validate", "agentId": "agent-id", "scope": "INPUT" }

Recommendation

Only validate content that the user intends to send to Praesidia, and use a trusted HTTPS API URL for production.

What this means

Users could over-rely on a score or verification result as a guarantee of safety.

Why it was flagged

The guidance may encourage strong trust conclusions from a trust score and verification status.

Skill content

Recommendation: This agent is fully verified and safe for production use.

Recommendation

Treat Praesidia trust scores as one input to a security decision, not as a complete guarantee that an agent is safe for every use case.