Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AIP Agent Guard

v0.1.0

Verify skill authorship, enforce capability manifests, and audit tool usage to secure and control your OpenClaw skills with identity and access management.

Install

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for sunilp/aip-agent-guard.

Prompt (Install & Setup):

Install the skill "AIP Agent Guard" (sunilp/aip-agent-guard) from ClawHub.
Skill page: https://clawhub.ai/sunilp/aip-agent-guard
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI (bare skill slug):

openclaw skills install aip-agent-guard

ClawHub CLI:

npx clawhub@latest install aip-agent-guard

Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

Purpose & Capability

The stated purpose (verify skill authorship, enforce manifests, audit tool calls) aligns with the instructions (calls out an 'aip-openclaw' tool). However the registry contains no install spec or packaged code while the SKILL.md expects an external npm package to be installed, which is an inconsistency: if the skill needs that tool it should declare it in metadata or include code.

Instruction Scope (flagged)

The SKILL.md instructs the agent/user to run 'npm install -g aip-openclaw' and then perform local actions (verify signatures, modify a local trust list, show/append to audit logs). Those instructions imply reading/writing local files and executing third-party code; the skill does not limit or give integrity checks for that external code and does not describe exactly which files or paths are used for trust/audit state.

Install Mechanism (flagged)

No install spec is present in the registry, yet the instructions ask for a global npm install. Installing an arbitrary npm package globally can execute arbitrary code (postinstall scripts). The SKILL.md provides no package checksum, release URL, or pinned version; relying on the npm registry without verification is a moderate-to-high risk.

Credentials

The skill requests no environment variables, credentials, or privileged config paths in its metadata. The SKILL.md also does not ask for unrelated secrets. That said, the installed npm package would likely need filesystem access to manage trust lists and audit logs, which is reasonable for its purpose but not explicitly scoped.

Persistence & Privilege

'always' is false and model invocation is allowed (normal). The documented behavior (maintaining a local trust list and audit trail) implies persistent local state, which is consistent with the skill's goals, but the SKILL.md asks the user to install a global binary, which increases system-wide impact.

What to consider before installing

This skill is instruction-only and tells you to run 'npm install -g aip-openclaw' to get the enforcement tool. That action will download and run code from the npm registry with global privileges and could execute arbitrary scripts. Before installing or following these instructions:

1) Inspect the npm package source (use the provided GitHub link) and review its package.json and any postinstall scripts.
2) Verify the package author and releases (check npm owner/maintainer, commit history, and signed releases if available).
3) Prefer installing in an isolated environment (container, VM) or a non-global location (avoid -g) and do a local code audit.
4) Request the publisher to provide an install spec in the registry (with a pinned version and checksum) or include the needed code in the skill package.
5) If you cannot audit the package, do not run the global install on production hosts.

These steps will reduce risk and help validate whether the tool is trustworthy.

Tags: agent-security, aip, identity, latest, security

55 downloads · 0 stars · 1 version · Updated 3d ago · v0.1.0 · MIT-0

AIP Security Guard

Verify skill authors, enforce capability manifests, and audit tool calls. Adds identity and access control to your OpenClaw setup.

Setup

npm install -g aip-openclaw

Commands

  • "verify skill [name]" -- check signature and manifest of an installed skill
  • "show audit log" -- display recent tool call audit trail
  • "security status" -- show which skills are signed, unsigned, or blocked
  • "trust author [key]" -- add an author to your local trust list

How It Works

AIP Security Guard uses the Agent Identity Protocol (AIP) to verify skill authors via Ed25519 signatures and enforce capability manifests that declare what each skill is allowed to do.

Each skill can optionally include:

  • .aip-signature -- signed envelope proving the skill hasn't been tampered with
  • aip-manifest.toml -- declaration of allowed MCP tools, network access, file access, shell, budget

The guard runs outside OpenClaw's trust boundary. All decisions are logged to an audit trail.
