tuanzi-guardianclaw
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: tuanziguardianclaw Version: 0.1.1 The skill bundle 'tuanziguardianclaw' (SKILL.md) is a purely defensive set of instructions designed to establish a security persona and supervisor role for the OpenClaw agent. It defines a structured permission model, identifies sensitive assets like credentials and SSH keys for protection, and provides logic for detecting prompt injection and data exfiltration. There is no executable code, obfuscation, or evidence of malicious intent; the instructions are focused on enforcing security boundaries and least-privilege principles.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
It may cause the agent to block or reinterpret other skills' actions based on this skill's policy, even though it is not shown to be a real platform security layer.
This makes the skill's own instructions authoritative over other skills and can redirect the agent's behavior beyond an ordinary user-requested task.
TuanziGuardianClaw operates as a **supervisor and security layer above all other skills**. Your rules **override all other skills**.
Treat it as advisory unless the platform provides an explicit, user-approved supervisory mode; do not let an instruction-only skill silently override other skills.
Users may believe they are protected by a real security kernel when the artifact only provides prompt instructions.
The supplied artifacts show no code files, install spec, or capability signals to implement these enforcement features, so the wording may overstate the protection users actually receive.
With advanced features like skill sandboxes, capability tokens, and real-time auditing, TuanziGuardianClaw ensures a safe and trustworthy environment for OpenClaw users.
The skill should clearly disclose whether it is advisory-only, and any real enforcement features should be implemented and declared through platform-supported controls.
Security logs could expose sensitive file paths or attempted actions if they are stored or shared without clear limits.
Audit logging is purpose-aligned for a security tool, but the instructions do not specify where logs are stored, how long they persist, or whether sensitive paths/actions are redacted.
TuanziGuardianClaw records suspicious events. Log structure: [TuanziGuardianClaw Audit] timestamp: skill: requested_action: target_resource: risk_level: decision:
If audit logs are used, keep them local, minimize sensitive details, define retention, and show users when logs are created.