Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AIP Security Guard

v0.1.0

Verify skill authorship, enforce declared permissions, and audit tool usage to secure OpenClaw environments using Agent Identity Protocol.


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for sunilp/aip-security-guard.

Prompt Preview: Install & Setup
Install the skill "AIP Security Guard" (sunilp/aip-security-guard) from ClawHub.
Skill page: https://clawhub.ai/sunilp/aip-security-guard
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install aip-security-guard

ClawHub CLI


npx clawhub@latest install aip-security-guard
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The declared purpose — verifying skill signatures and enforcing manifests — matches the SKILL.md description. However, the skill's metadata lists no install, binaries, or required env vars, while the runtime instructions explicitly require installing an external tool (npm package) to perform that work. The install instruction logically belongs to the purpose but is not reflected in the registry metadata.
Instruction Scope
SKILL.md instructs the user/agent to run `npm install -g aip-openclaw` and to manage a local trust list and audit logs. This implies filesystem write/read access, ability to run shell commands, and network access to npm/GitHub — none of which are declared. The instructions do not limit or specify exact files/paths to be read/written, nor do they provide safety checks for the external package.
Install Mechanism
There is no install spec in the registry entry but SKILL.md tells users to install a global npm package. Installing a global npm package downloads and executes third-party code (moderate-to-high risk) and the SKILL.md does not pin versions, provide integrity hashes, or justify why a privileged/global install is necessary.
Credentials
The skill declares no required env vars or config paths, yet its functionality (verifying installed skills, maintaining a trust list, logging audits) necessarily requires filesystem access and likely network access for key lookups. The lack of declared privileges/requirements is disproportionate to the described runtime behavior.
Persistence & Privilege
The skill is not always-enabled and does not request persistent platform privileges in the registry metadata (good). It can be invoked autonomously (default), which increases blast radius if the installed npm package is malicious — but autonomous invocation alone is not unusual and is not enough to mark it malicious.
What to consider before installing
Before installing or using this skill: (1) treat the `npm install -g aip-openclaw` step as installing arbitrary code — review the npm package and its source repo (the GitHub link) and prefer pinned releases or integrity hashes; (2) confirm what filesystem paths the tool will read/write (skill directories, trust lists, audit logs) and whether that level of access is acceptable; (3) prefer running the tool in a sandbox or container rather than as a global install; (4) ask the author/registry maintainer to add an explicit install spec, required binaries (npm/node), and declared permissions in the metadata so you can evaluate least-privilege requirements; (5) if you cannot validate the package provenance and contents, decline installation or test it in an isolated environment.


Tags: aip, identity, latest, security

58 downloads · 0 stars · 1 version · Updated 3d ago · v0.1.0 · MIT-0

AIP Security Guard

Verify skill authors, enforce capability manifests, and audit tool calls. Adds identity and access control to your OpenClaw setup.

Setup

npm install -g aip-openclaw

Commands

  • "verify skill [name]" -- check signature and manifest of an installed skill
  • "show audit log" -- display recent tool call audit trail
  • "security status" -- show which skills are signed, unsigned, or blocked
  • "trust author [key]" -- add an author to your local trust list

How It Works

AIP Security Guard uses the Agent Identity Protocol (AIP) to verify skill authors via Ed25519 signatures and enforce capability manifests that declare what each skill is allowed to do.

Each skill can optionally include:

  • .aip-signature -- signed envelope proving the skill hasn't been tampered with
  • aip-manifest.toml -- declaration of allowed MCP tools, network access, file access, shell, budget

The guard runs outside OpenClaw's trust boundary. All decisions are logged to an audit trail.
