ClawHub

Aicc Security Guard

v0.1.0

Ensure the AICC native plugin is active before handling confidential data.

0· 47·0 current·0 all-time
by@senmud
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description match the runtime instructions: the skill's only goal is to ensure `openclaw-aicc-plugin-native` is present before processing confidential data. It does not request unrelated credentials, binaries, or system access.
Instruction Scope
Instructions are narrowly scoped to checking plugin presence (via `openclaw plugins list` or user confirmation) and refusing to proceed if absent. Note: the fallback (asking the user to self-report installation) can be spoofed by a user or mistaken — the check is only as reliable as the user's ability to run the command or truthfully report the state.
Install Mechanism
No install spec and no code files — the skill is instruction-only, so it does not download or install anything itself.
Credentials
The skill declares no environment variables, credentials, or config paths and the instructions do not reference any secrets or unrelated environment settings.
Persistence & Privilege
No special persistence requested (always:false). The skill is user-invocable and can be used by the agent autonomously per platform defaults, which is appropriate for this purpose.
Assessment
This instruction-only skill is internally consistent: it only asks the agent to stop and confirm that a named native plugin is installed before handling secrets. Before relying on it, verify the plugin yourself (run `openclaw plugins list` locally) and confirm the plugin comes from a trusted source; the skill cannot itself validate the plugin's origin or install it securely. Be cautious with the fallback that accepts a user's verbal confirmation — only disclose secrets after you or a trusted admin has verified the plugin is actually installed and enabled.

Like a lobster shell, security has layers — review code before you run it.

latestvk977ac1qjb2pjx26agf2qzbajs848v7y

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments