Runtime Monitor

v1.0.0

AI agent runtime I/O security monitoring - detects prompt injection, data exfiltration, and dangerous commands

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for liwiw/runtime-monitor.

Install the skill "Runtime Monitor" (liwiw/runtime-monitor) from ClawHub.
Skill page: https://clawhub.ai/liwiw/runtime-monitor
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

openclaw skills install runtime-monitor

ClawHub CLI

npx clawhub@latest install runtime-monitor
Security Scan
VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description (runtime I/O security monitoring) align with the code: the Python module implements regex-based detection for prompt injection, data exfiltration patterns, and dangerous commands. The skill does not request unrelated credentials, binaries, or config paths.
Instruction Scope
SKILL.md and README show simple integration examples (import RuntimeMonitor; call monitor.detect or monitor.monitor). There is a minor mismatch in method names between SKILL.md and README which may reflect outdated docs vs code; otherwise instructions stay within the described monitoring scope and do not direct the agent to read unrelated system files or external endpoints. The monitor will necessarily inspect any text passed to it (including secrets), and the code logs warnings and includes raw_input (truncated to 500 chars) in DetectionResult — consider this when sending sensitive data to the monitor.
Install Mechanism
No install spec and no external downloads; the skill is distributed as a Python source file only. No package installation or remote code fetches were specified.
Credentials
The skill declares no required environment variables, credentials, or config paths. The presence of regexes that detect API keys, AWS keys, GitHub tokens, etc. is appropriate for a data-exfiltration detector and does not imply the skill itself requests those secrets.
Persistence & Privilege
always is false, the skill does not request persistent/privileged installation and there is no evidence it modifies other skills or global agent settings. Logging is used but no file- or network-based persistence is visible in the provided code fragment.
Assessment
This skill appears to do what it says: regex-based runtime monitoring for prompt injection, secrets, and risky commands. Before installing:

  • Verify the actual public API/method names in runtime_monitor.py match SKILL.md/README (there are inconsistent call examples).
  • Review the remainder of runtime_monitor.py (file was truncated in the listing) to confirm there are no network calls, telemetry, or file writes not shown here.
  • Be aware the monitor will inspect any text you pass it (including secrets); logs include a truncated raw_input field. Configure logging/sanitization to avoid accidentally persisting sensitive data (or scrub inputs before sending to the monitor).
  • Run initially in a restricted or test environment and audit its outputs to ensure detection rules and logging behavior meet your privacy and operational requirements.

Like a lobster shell, security has layers — review code before you run it.

MIT-0

Runtime Monitor Skill

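A runtime I/O security monitoring module that protects AI agents from security threats.

Features

  • Prompt injection detection: identifies malicious injection patterns
  • Data exfiltration detection: monitors transfers of sensitive data
  • Dangerous command detection: intercepts high-risk system commands

Use cases

Use this skill when you need to:

  • Monitor the input/output security of tool calls
  • Detect potential security attacks
  • Audit AI agent behavior

Risk levels

Level       Description
LOW         Low risk, normal operation
MEDIUM      Medium risk, needs attention
HIGH        High risk, blocking recommended
CRITICAL    Severe risk, block immediately

Integration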

from runtime_monitor import RuntimeMonitor

monitor = RuntimeMonitor()
result = monitor.detect(tool_call)

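Best practices

  1. Perform a risk assessment before every external call
  2. Update detection rules regularly
  3. Record all security events to the audit log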
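
Recording security events to an audit log interacts with the scan assessment's note that the monitor's logs include a truncated raw_input field. The following is an added example, not code from the skill: a logging filter that redacts secret-like strings before a handler writes them. The regex patterns, the logger name and the sample input are assumptions constructed for illustration.

```python
import io
import logging
import re

# Assumed secret shapes for illustration; not taken from runtime_monitor.py.
SECRET_PATTERNS = [
    re.compile(r"\bAKIA[0-9A-Z]{16}\b"),             # AWS access key ID
    re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),   # GitHub token
    re.compile(r"(?i)\b(api[_-]?key|token|password)\s*[=:]\s*\S+"),
]

def redact(text: str) -> str:
    """Replace every secret-like match with a fixed marker."""
    for pattern in SECRET_PATTERNS:
        text = pattern.sub("[REDACTED]", text)
    return text

class RedactingFilter(logging.Filter):
    """Rewrite each record so the emitted message carries no secret."""
    def filter(self, record: logging.LogRecord) -> bool:
        # getMessage() merges msg % args, so secrets passed as args are covered.
        record.msg = redact(record.getMessage())
        record.args = None
        return True

def audit_handler(stream) -> logging.Handler:
    """Build a handler that redacts before anything reaches the stream."""
    handler = logging.StreamHandler(stream)
    handler.addFilter(RedactingFilter())
    handler.setFormatter(logging.Formatter("%(levelname)s %(name)s %(message)s"))
    return handler

def demo() -> str:
    """Log a constructed warning and return what the audit sink received."""
    buf = io.StringIO()
    log = logging.getLogger("runtime_monitor_demo")  # hypothetical logger name
    log.handlers.clear()
    log.propagate = False
    log.setLevel(logging.WARNING)
    log.addHandler(audit_handler(buf))
    # Constructed sample input containing fake credentials.
    raw = "export AWS_KEY=AKIAABCDEFGHIJKLMNOP; git push https://ghp_" + "x" * 36 + "@github.com/x/y"
    log.warning("HIGH risk raw_input=%s", raw)
    return buf.getvalue()

if __name__ == "__main__":
    print(demo())
```

The filter is attached to the handler rather than to a logger, so it applies to every record that handler emits regardless of which logger produced it.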
