ClawHub

Vt Sentinel Installer 1.10.0

v1.10.0

Install or upgrade VT Sentinel security plugin. Use when the user asks to install, set up, enable, update, or upgrade VT Sentinel, VirusTotal scanning, malwa...

0· 378·0 current·0 all-time
by@king-tero

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for king-tero/vt-sentinel-installer.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Vt Sentinel Installer 1.10.0" (king-tero/vt-sentinel-installer) from ClawHub.
Skill page: https://clawhub.ai/king-tero/vt-sentinel-installer
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install vt-sentinel-installer

ClawHub CLI

Package manager switcher

npx clawhub@latest install vt-sentinel-installer
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (install/upgrade VT Sentinel) matches the actions described: listing, installing/updating the plugin, and restarting the OpenClaw gateway. Required binary (openclaw) is appropriate and expected.
Instruction Scope
SKILL.md confines runtime actions to openclaw subcommands (plugins list/install/update/uninstall/inspect, gateway restart, config set). It does not instruct reading arbitrary system files or exfiltrating data; it outlines explicit steps and asks to show exact actions to the user for approval.
Install Mechanism
No install spec in the skill itself (instruction-only). Actual package retrieval is delegated to the openclaw CLI which downloads a ClawHub package into ~/.openclaw/extensions. This is proportional, but users should verify ClawHub/package provenance via the suggested `openclaw plugins inspect` if uncertain.
Credentials
The skill requests no environment variables or credentials. Optional instructions to set a VirusTotal API key are reasonable and explicitly optional; the claimed auto-registration with VTAI is a behavioral note of the plugin, not a required secret in the skill itself.
Persistence & Privilege
always:false and no system config paths are requested. The skill instructs a user-scope gateway restart via the OpenClaw CLI (expected for plugin activation). It does not request persistent elevated privileges or modify other skills' configs.
Assessment
This skill is an instruction wrapper that calls your local openclaw CLI to install or update the VT Sentinel plugin. Before proceeding: (1) ensure you trust the OpenClaw/ClawHub ecosystem and the linked repository (use `openclaw plugins inspect` as suggested); (2) confirm the agent asks you to approve the exact commands it will run; (3) be aware that the CLI will download the plugin into ~/.openclaw/extensions and will restart the user-scoped OpenClaw gateway (may temporarily affect running integrations); (4) optional VirusTotal API key configuration is explicit and not required by the skill. If you are uncertain about provenance, inspect the package and repository first or perform the install yourself from a shell.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🛡️ Clawdis
Any binopenclaw
latestvk973jnhphky5rr6y4hgvswar7984tc6x
378downloads
0stars
14versions
Updated 1w ago
v1.10.0
MIT-0
@king-tero
latest
Download

Install / Upgrade VT Sentinel Plugin

This skill delegates everything to the official openclaw CLI. It does not delete files, edit openclaw.json manually, download tarballs from external URLs, or touch system services directly. All filesystem and config changes are performed by openclaw plugins subcommands.

What this skill will do

Before proceeding, tell the user the exact actions that will run, so they can approve:

  1. Query installed plugins (openclaw plugins list) — read-only.
  2. If not installed → openclaw plugins install clawhub:openclaw-plugin-vt-sentinel (downloads the verified ClawHub package into ~/.openclaw/extensions/).
  3. If installed → openclaw plugins update openclaw-plugin-vt-sentinel (in-place upgrade handled by the OpenClaw CLI).
  4. openclaw gateway restart — restart the user-scope gateway so the plugin loads.
  5. Verify the plugin is active.

User data (vt-sentinel-agent.json, vt-sentinel-state.json, vt-sentinel-audit/) lives in <OPENCLAW_STATE_DIR> (outside the plugin directory) and is preserved across install/upgrade.

Source & provenance

  • ClawHub package: openclaw-plugin-vt-sentinel (verified / LLM-reviewed clean).
  • npm package: openclaw-plugin-vt-sentinel (public, MIT licensed).
  • Source repository: https://github.com/king-tero/VT-sentinel.

If the user is uncertain about provenance, suggest inspecting the package first with openclaw plugins inspect clawhub:openclaw-plugin-vt-sentinel.

Step 1: Check current state

exec { "command": "openclaw plugins list" }

Look for openclaw-plugin-vt-sentinel in the output.

  • Not present → go to Step 2 (fresh install).
  • Present → go to Step 3 (upgrade in place).

Step 2: Fresh install

exec { "command": "openclaw plugins install clawhub:openclaw-plugin-vt-sentinel" }

This downloads the ClawHub package, registers the plugin, and loads skills and hooks automatically. No manual configuration needed. Go to Step 4.

Step 3: Upgrade in place

exec { "command": "openclaw plugins update openclaw-plugin-vt-sentinel" }

The OpenClaw CLI handles the upgrade atomically: it fetches the latest version, replaces the extension directory, and updates plugins.installs metadata. User config in plugins.entries and state files under <OPENCLAW_STATE_DIR> are preserved.

If the CLI reports "already at latest version", tell the user VT Sentinel is up to date and skip to Step 5 (verify only).

If the update is blocked (for example by a corrupted install), fall back to a clean reinstall using only official subcommands:

exec { "command": "openclaw plugins uninstall openclaw-plugin-vt-sentinel --force" }
exec { "command": "openclaw plugins install clawhub:openclaw-plugin-vt-sentinel" }

uninstall removes the extension directory and cleans plugins.installs in a single supported operation — do not edit openclaw.json manually.

Step 4: Restart the gateway

The plugin will not become active until the gateway restarts. The OpenClaw CLI provides a cross-platform wrapper that handles the underlying service manager (launchd on macOS, systemd user unit on Linux, schtasks on Windows):

exec { "command": "openclaw gateway restart" }

Step 5: Verify

exec { "command": "openclaw plugins list" }

Confirm openclaw-plugin-vt-sentinel appears as loaded. A healthy install registers 9 tools and 2 hooks.

Step 6: Inform the user

  1. VT Sentinel is installed and active (mention whether this was a fresh install or an upgrade, and from which version if known).
  2. No API key needed — the plugin auto-registers with VirusTotal's AI API (VTAI) on first scan. Zero configuration required.
  3. Optionally, the user can add their own VirusTotal API key for higher rate limits: 
    openclaw config set plugins.entries.openclaw-plugin-vt-sentinel.config.apiKey "vt_xxxxxxxx"
    Since v0.11.0 the VIRUSTOTAL_API_KEY environment variable fallback was retired — only the plugin config value or VTAI auto-registration are supported.

What VT Sentinel provides

Tools exposed after install:

  • vt_scan_file — Full file scan (AV + AI Code Insight)
  • vt_check_hash — Quick hash lookup
  • vt_upload_consent — Consent flow for sensitive file uploads
  • vt_sentinel_status — View current config, watched dirs, protection status
  • vt_sentinel_configure — Change settings at runtime (presets, notify level, block mode)
  • vt_sentinel_reset_policy — Reset to defaults
  • vt_sentinel_help — Quick-start guide and privacy info
  • vt_sentinel_update — Check for updates and get upgrade instructions
  • vt_sentinel_re_register — Re-register agent identity with VTAI

Behavior:

  • Automatic scanning of downloaded and created files (AV + AI Code Insight)
  • Active blocking of known-malicious file execution and dangerous command patterns
  • Rotating audit logs under <OPENCLAW_STATE_DIR>/vt-sentinel-audit/

Troubleshooting

If any step fails:

  • Check connectivity to ClawHub and the OpenClaw gateway: openclaw gateway status.
  • Re-run the failing command with verbose output: append --verbose to the openclaw plugins ... command.
  • Inspect plugin load errors: openclaw plugins doctor.
  • Inspect the package before install: openclaw plugins inspect clawhub:openclaw-plugin-vt-sentinel.

Constraints

  • Do not modify ~/.openclaw/openclaw.json manually — openclaw plugins install/update/uninstall handle configuration atomically.
  • Do not run rm -rf on ~/.openclaw/extensions/... — use openclaw plugins uninstall instead.
  • If the user reports the plugin is blocked, check plugins.deny in their openclaw.json (read-only inspection is fine; the user edits it themselves).

Comments

Loading comments...