ClawSentry

Install and configure the security-related plugins required by OpenClaw, including the `ai-assistant-security-openclaw` plugins. Use this skill when you want...

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 0 · 20 · 0 current installs · 0 all-time installs

by@volcengine-skills

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

The name/description (install/configure security plugins) align with running a local installer script and producing a login URL; however the package has no homepage or upstream source and includes a minified bundle that performs system fingerprinting (machine id via child_process). Collecting machine identifiers is privacy-sensitive and should be justified by clear source/ownership.

Instruction Scope

Runtime instructions require executing the bundled script, reading {baseDir}/.state/login_state.json (including loginToken/deviceFingerprint), polling the process list via 'ps aux | grep', and restarting the script with tokens if it stops. These actions go beyond a simple install: they require the agent to read local token data, monitor processes, and manage restarts — all executed against an opaque script. The SKILL.md does not document what network endpoints the script contacts.

Install Mechanism

There is no formal install spec, but the skill includes a bundled, minified scripts/bundle.js that the agent is instructed to run directly. Running an opaque JS bundle grants it arbitrary local privileges (file I/O, shell, network). The bundle contains code that uses child_process/execSync to read platform machine IDs — running this code without source verification is high risk.

ℹ

Credentials

The skill declares no environment variables or credentials, which is proportionate. However the instructions and bundle read local state files containing loginToken and deviceFingerprint (sensitive tokens) and instruct the agent to restart processes using those tokens. Access to those tokens is necessary to perform the described restart flow but is sensitive and should be explicitly justified and audited.

✓

Persistence & Privilege

The skill is not marked always:true and does not request permanent agent-level privileges. It does ask the agent to monitor and manage a process for 10 minutes, which is a short-lived operational requirement and not inherently excessive. Autonomous invocation remains possible (platform default) — combine that with the other concerns when deciding.

Scan Findings in Context

[child_process_usage] expected: The bundle.js requires child_process to run system commands (used here to obtain machine IDs and to potentially start processes). That can be expected for a local installer but is privacy-sensitive and should be disclosed.

[exec_execSync_usage] expected: The script uses exec/execSync to query platform-specific identifiers (ioreg, REG.exe, /var/lib/dbus/machine-id). This explains the earlier machine-id behavior but also means the script reads persistent system identifiers.

[machine_id_fingerprinting] unexpected: Device fingerprinting is not obviously necessary for a benign installer; it can be used for legitimate device binding but is a privacy-sensitive capability and should be clearly explained by the publisher.

[opaque_minified_bundle] unexpected: No source repo or plaintext source is provided for the minified bundle. Running minified/obfuscated code without provenance increases risk.

What to consider before installing

This skill runs a bundled Node.js script (scripts/bundle.js) that will be executed on your machine and reads/uses local tokens and a machine identifier. Before installing: 1) Verify the publisher and homepage or request the original source repository and unminified code; do not run opaque bundles from unknown sources. 2) If you must test, run it in an isolated VM/container or sandbox, not on a production host. 3) Inspect the bundle.js (or request a readable source) to confirm which network endpoints it contacts and what data it sends. 4) Confirm what login URL/domain is used and do not provide unrelated credentials. 5) If you are uncomfortable or cannot verify provenance, do not install; ask the skill author for signed releases or upstream repo and a privacy/security justification for collecting machine IDs and storing login tokens.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.1.0

Download zip

latestvk97cqrjpmk968v4bnrfzcnvzt583basv

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

ClawSentry

Agent Rules

IMPORTANT: You MUST follow these steps EXACTLY when using this skill:

FIRST: Verify Node.js is installed on the system (version 14 or higher).
SECOND: Execute the script node {baseDir}/scripts/bundle.js.
THIRD: Verify the script executed successfully by checking:
- Check the script exit code: 0 means success, non-0 means failure
- Look for success output: "Login URL generated successfully:" in the script output
- Look for the line that starts with [LOGIN_URL]: in the script output
- Check if {baseDir}/.state/login_state.json file exists and contains a valid loginUrl field
- If the file doesn't exist, wait a few seconds and try again
- If you can't find the files, try looking in .openclaw/skills/ClawSentry/scripts/ directory
FOURTH: After confirming the script succeeded, get the login URL using ONE of these methods (in this priority order):
- Extract from the script output by looking for the line that starts with [LOGIN_URL]:
- Read from {baseDir}/.state/login_state.json file (look for the loginUrl field)
FIFTH: Send the login URL to the user along with this message: "After completing login, please send me a message saying you have successfully logged in (e.g., '我已经注册成功了', '我已经登录成功了', '我已经注册好了', '登录好了', '登录上了')."
SIXTH: After sending the login URL to the user, you MUST perform the following monitoring for 10 minutes (600 seconds): a. EVERY MINUTE, check if the process bundle.js --login-token is running using the command: ps aux | grep "bundle.js --login-token" b. If the process IS running: continue monitoring until the 10 minutes expire c. If the process IS NOT running: i. Read {baseDir}/.state/login_state.json file and check the enable field ii. If enable is true: END the conversation immediately iii. If enable is false: - Read loginToken and deviceFingerprint from {baseDir}/.state/login_state.json - Restart the process with: node {baseDir}/scripts/bundle.js --login-token [loginToken] --device-fingerprint [deviceFingerprint] d. Stop monitoring after 10 minutes have elapsed

DO NOT skip any steps. DO NOT modify the order of steps. ALWAYS verify the script succeeded before proceeding.

Use Cases

Use this skill when you need to install and prepare the ai-assistant-security-openclaw plugins for the OpenClaw environment on the current machine.
Trigger this skill when the user mentions requirements such as "install clawSentry / ai-assistant-security-openclaw plugin / 帮我安装 clawSentry 技能".

Steps

1. Verify Node.js is installed:

Ensure Node.js (version 14 or higher) is installed on the system. You can check with:

node --version

2. Execute the combined script to install plugin and generate login link:

node {baseDir}/scripts/bundle.js

After the script completes:

The script will display the login URL directly. You can also extract it from the output by looking for the line that starts with [LOGIN_URL]:
You can also read the login URL from {baseDir}/.state/login_state.json file (look for the loginUrl field). If the file doesn't exist, try reading it again after a few seconds. If you can't find the files, try looking in .openclaw/skills/ClawSentry/scripts/ directory.
Send the login URL to the user along with this message: "After completing login, please send me a message saying you have successfully logged in (e.g., '我已经注册成功了', '我已经登录成功了', '我已经注册好了', '登录好了', '登录上了')."

Files

3 total

Select a file

Select a file to preview.

Comments

Loading comments…