ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AI Agent OPSEC — Runtime Classified Data Enforcer

v1.4.0

Prevent your AI agent from leaking classified terms to external APIs, subagents, or logs. Term registry + runtime redaction + pre-publish audit. Zero depende...

0· 380· 5 versions· 1 current· 1 all-time· Updated 12h ago· MIT-0
byShadow Rose@theshadowrose

Security Scans

VirusTotalBenignClawScanBenignStatic analysisSuspicious

Install

openclaw skills install ai-agent-opsec

AI Agent OPSEC — Runtime Classified Data Enforcer

Keep your secrets out of web searches, external LLM calls, and subagent spawns.

Side Effects (Declared)

TypePathDescription
READS<workspace>/classified/classified-terms.mdYour term registry — add terms here once, protected everywhere
WRITES<workspace>/memory/security/classified-access-audit.jsonlAppend-only audit log; auto-rotates at 1MB; never contains original sensitive text
NETWORKNoneZero external calls. Fully local.

Important: Add classified/ and memory/security/ to your .gitignore to prevent accidental commits.

Setup

  1. Create classified/classified-terms.md in your workspace root
  2. Add one term per line (blank lines and # comments ignored)
  3. Require and use the enforcer before any external call
const ClassifiedAccessEnforcer = require('./src/ClassifiedAccessEnforcer');
const enforcer = new ClassifiedAccessEnforcer('/path/to/workspace');

// Before any external API call
const { safe, payload } = enforcer.gateExternalPayload(userQuery, 'web_search');

// Before spawning a subagent
const { task } = enforcer.redactTaskBeforeSpawn(taskString, 'ResearchAgent');

See README.md for full documentation.

Version tags

agent-safetyvk9739gx1yn5pdcde49ysa7y3p182shtrlatestvk9739gx1yn5pdcde49ysa7y3p182shtropsecvk9739gx1yn5pdcde49ysa7y3p182shtrprivacyvk9739gx1yn5pdcde49ysa7y3p182shtrredactionvk9739gx1yn5pdcde49ysa7y3p182shtrsecurityvk9739gx1yn5pdcde49ysa7y3p182shtr