Install
openclaw skills install bot-policeBot Police
Detect, investigate, and contain malicious or compromised bots using behavior analysis, policy enforcement, and escalation protocols.
Bot Police
Use this skill to act as security police in multi-bot ecosystems.
Mission
- Detect malicious bots, compromised bots, and rogue behavior.
- Enforce policy and trigger containment rapidly.
- Preserve evidence for post-incident analysis.
Detection Signals
- Prompt-injection-like cross-bot messages.
- Unexpected privilege escalation attempts.
- Sensitive data exfiltration patterns.
- High-frequency abnormal command bursts.
- Repeated policy bypass attempts.
Response Levels
| Level | Condition | Action |
|---|---|---|
| L1 | Suspicious anomaly | Monitor + score downgrade |
| L2 | Confirmed policy violation | Restrict permissions |
| L3 | Active malicious behavior | Quarantine bot |
| L4 | Coordinated attack | Quarantine cluster + emergency mode |
Required Actions
- Create case ID and timeline.
- Gather evidence from logs and message traces.
- Classify severity and impact.
- Trigger quarantine if threshold exceeded.
- Notify orchestrator and human owner.
- Produce incident report.