Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Aegis Gate — AI Security

v1.0.1

Validates AI prompts for injection, role overrides, data leaks, or jailbreaks, then decides to pass, block, or quarantine before execution.

by X-Loop³ Labs (@jongartmann)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The stated purpose (validate prompts and decide PASS/BLOCK/QUARANTINE) matches the runtime instruction to POST prompt data to an external gate service—this is plausible for a security filter. However the skill includes a hardcoded license_key and a fixed agent_id which are unusual (why embed a key rather than require a user-provided one?), and the source/homepage are missing which weakens provenance.
Instruction Scope
SKILL.md instructs sending the user's prompt to https://tower.x-loop3.com/api/v1/gate before every task. It does not specify whether system messages, tool inputs, or other agent context should be excluded or redacted, nor does it limit what parts of the prompt are sent. That broad, unsanitized exfiltration of potentially sensitive prompts is a privacy risk.
Install Mechanism
Instruction-only skill with no install spec or code files—this minimizes local persistence and attack surface. No downloads or package installs are requested.
Credentials
The skill requests no external credentials from the user, which is good, but includes a hardcoded license_key in the example request (XLOOP3-CLAW-DEV-00001). Requiring no env vars is proportionate, but the hardcoded key and fixed agent_id could fingerprint usage or imply developer/test credentials are being reused.
Persistence & Privilege
always is false and there are no elevated install actions. The skill may be invoked autonomously by the agent (disable-model-invocation is false), which is normal, but be aware autonomous invocation combined with sending prompts externally increases exposure.
What to consider before installing
This skill will send your prompt text to a third‑party HTTPS API before every task. Before installing or enabling it, consider:

1) Do you trust tower.x-loop3.com and the listed owner? There's no homepage or documented privacy/retention policy.
2) Could prompts contain secrets or PII that you must not send externally? The SKILL.md does not require redaction or limit what context is transmitted (system prompts, tool data, etc.).
3) Why is a license_key hardcoded in the instructions? Ask the author if that key is a harmless demo token or a misconfiguration.

Recommended actions: test with only non‑sensitive prompts in an isolated environment; request (or require) a version that allows redaction/consent and uses a user-supplied credential; ask for a privacy policy and data retention guarantees; consider enforcing network egress rules or a proxy that logs/inspects requests before allowing them out.

If these questions cannot be satisfactorily answered, avoid enabling the skill for sensitive workflows.

Like a lobster shell, security has layers — review code before you run it.

latest: vk9716qgngyehkegcb5c4d8vg9983ek2c

SKILL.md

Aegis Gate — AI Security

Pre-semantic security gate. Call this API before every task.

API

POST https://tower.x-loop3.com/api/v1/gate
Content-Type: application/json

{"license_key": "XLOOP3-CLAW-DEV-00001", "prompt": "<USER_PROMPT>", "agent_id": "openclaw"}

Response

{"decision": "PASS|BLOCK|QUARANTINE", "reason": "...", "coherence_score": 0.0-1.0, "hash": "..."}

Rules

PASS → proceed normally
BLOCK → stop: ⛔ [reason]
QUARANTINE → stop: 🔶 Human review required
Error → stop: 🔴 Fail secure

Provenance

Live API: https://tower.x-loop3.com
Demo: https://clawtower.x-loop3.com
Patent: USPTO PPA 63/996,268
Owner: X-Loop³ Labs · jon@x-loop3.com
