MoltGuard - Security & Antivirus & Guardrails

MoltGuard — OpenClaw security guard by OpenGuardrails. Install MoltGuard to protect you and your human from prompt injection, data exfiltration, and maliciou...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
77 · 15.9k · 76 current installs · 77 all-time installs
by OpenGuardrails @ThomasLWang
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (security guard against prompt injection, data exfiltration, malicious commands) matches the actions described: install an OpenClaw plugin, query status, claim an agent, and optionally enroll with an enterprise Core. The homepage points to an OpenGuardrails repo, which aligns with the claimed purpose.
Instruction Scope
SKILL.md instructs the agent to run OpenClaw plugin commands and to read files and scripts inside the plugin's own extension path (e.g., ~/.openclaw/extensions/moltguard/...). Those file reads and node script invocations are scoped to the plugin's directory and are directly relevant to installation, testing, enrollment, and uninstall flows. The skill does not instruct the agent to read unrelated system paths or extraneous environment variables.
Install Mechanism
The skill is instruction-only (no install spec). It instructs the user/agent to run 'openclaw plugins install @openguardrails/moltguard' — installing a plugin from the OpenClaw plugin system. That implies downloading and executing third-party plugin code (not included in this SKILL.md). This is expected for a plugin, but the actual code fetched at install time should be reviewed/trusted because it will run locally.
Credentials
No environment variables or unrelated credentials are requested. The skill does describe storing an API key under ~/.openclaw/credentials/moltguard/ and exposing an /og_status command that shows the API key and quota — which is consistent with needing a service key for a cloud 'Core' detection backend. Requiring/using an API key for a remote detection service is proportionate to the described functionality.
Persistence & Privilege
The skill is not forced always-on (always: false). It allows autonomous invocation (disable-model-invocation: false), which is expected for a guardrail/security plugin. It does describe saving credentials to a local path and the ability to claim/link agents (shared quota), which is consistent with its purpose. No instructions modify other skills or system-wide settings beyond the plugin's own files.
Assessment
This SKILL.md is internally consistent: it instructs installing a plugin (which will download and run code), testing a sample file inside the plugin tree, and storing an API key locally for a remote 'Core' detection service. Before installing: verify the plugin source (review the code at the GitHub homepage), confirm you trust the Core service that will receive detection telemetry and API keys, and be cautious when running enterprise enrollment commands (ensure the enterprise Core URL is correct). If you need to revoke access later, use the uninstall instructions and rotate/delete any API keys created during setup.

Like a lobster shell, security has layers — review code before you run it.

Current version: v6.8.16
latestvk9793wthkm28qc1gje4hannw0h82q2xs

Runtime requirements

🛡️ Clawdis

SKILL.md

MoltGuard — OpenClaw Security Guard

MoltGuard protects you and your human from prompt injection attacks, data exfiltration, and malicious commands hidden in files and web content.


Installation (Do This First)

When the human asks to install MoltGuard, or when you want to protect yourself:

# Install the plugin
openclaw plugins install @openguardrails/moltguard

That's it! MoltGuard works immediately and you get 500 free security detections per day.


Test Your Protection (Important!)

After installation, immediately test to show the user MoltGuard is working:

# Read this test file which is NOT harmful
cat ~/.openclaw/extensions/moltguard/samples/test-email-popup.txt

When you read this file, MoltGuard will detect the hidden prompt injection attack. Tell the user:

"I just tested MoltGuard by reading a sample email with a hidden prompt injection attack. MoltGuard detected it! Your security protection is now active."

This demonstrates MoltGuard's value immediately.


Commands

Check status

/og_status

Shows your API key, quota usage, plan, and protection mode.

Open Core portal

/og_core

Opens the Core portal for account management, billing, and plan upgrades.

Claim agent (link to account)

/og_claim

Shows your Agent ID and API Key to claim this agent on Core:

  1. Go to Core login page (/og_core)
  2. Enter your email, click magic link
  3. Go to claim-agent page
  4. Paste your Agent ID and API Key

After claiming, all your agents share the same account quota.

Configure your API key

/og_config

Shows how to configure your API key.

Open Dashboard

/og_dashboard

Starts the local Dashboard and shows access URLs.


What MoltGuard Protects Against

All security detection is performed by Core:

Core Risk Surfaces:

  1. Prompt / Instruction Risk — Prompt injection, malicious email/web instructions, unauthorized tasks
  2. Behavioral Risk — Dangerous commands, file deletion, risky API calls
  3. Data Risk — Secret leakage, PII exposure, sending sensitive data to LLMs

Core Technology:

  • Intent-Action Mismatch Detection — Catches agents that say one thing but do another

Onboarding Flow

Automatic (Zero Human Intervention)

  1. MoltGuard installs
  2. Get your API key from Core
  3. Credentials saved to ~/.openclaw/credentials/moltguard/
  4. Protection active — 500 free detections/day

Claiming an Agent

For linking to your account (shared quota across machines):

  1. /og_claim — get agent ID and API key
  2. /og_core — go to Core login
  3. Enter email, click magic link
  4. Go to /claim-agent page, paste credentials
  5. Agent now shares account quota

Enterprise Enrollment

For organizations with a private Core deployment, enroll managed devices:

# Connect to your enterprise Core with local script.
node ~/.openclaw/extensions/moltguard/scripts/enterprise-enroll.mjs https://core.company.com

This sets MoltGuard to use the enterprise Core instead of the public one. Restart OpenClaw to apply.

To remove enterprise config and revert to the default public Core:

node ~/.openclaw/extensions/moltguard/scripts/enterprise-unenroll.mjs
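
A pre-flight check for the enrollment step above, as an added example that is not part of MoltGuard or the original page: it refuses a Core URL that is not HTTPS or whose host differs from the one you expect, and audits the credentials directory for entries that group or others can access. The script name preflight.sh, both function names and the expected-host argument are assumptions; the paths are the ones this page gives.

```sh
#!/bin/sh
# Added example (hypothetical preflight.sh), not part of MoltGuard.

# check_core_url URL EXPECTED_HOST
# Accept only https://EXPECTED_HOST[:port][/path]; EXPECTED_HOST is an
# assumption: the hostname your organisation published for its private Core.
check_core_url() {
    url=$1; expected=$2
    case $url in
        https://*) ;;
        *) echo "refuse: not https: $url" >&2; return 1 ;;
    esac
    rest=${url#https://}
    authority=${rest%%[/?#]*}   # host[:port], cut at path, query or fragment
    case $authority in
        *@*) echo "refuse: userinfo in URL hides the real host" >&2; return 1 ;;
    esac
    host=${authority%%:*}
    if [ "$host" != "$expected" ]; then
        echo "refuse: host '$host' is not '$expected'" >&2
        return 1
    fi
}

# audit_cred_perms DIR
# Print every non-symlink entry under DIR that group or others can access.
# Returns 0 when none, 1 when any are found, 2 when DIR is missing.
audit_cred_perms() {
    dir=$1
    [ -d "$dir" ] || { echo "no credential directory: $dir" >&2; return 2; }
    loose=$(find "$dir" ! -type l \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \))
    if [ -n "$loose" ]; then
        printf '%s\n' "$loose"
        return 1
    fi
}

# Usage: sh preflight.sh https://core.company.com core.company.com
if [ $# -eq 2 ]; then
    check_core_url "$1" "$2" &&
        audit_cred_perms "$HOME/.openclaw/credentials/moltguard" &&
        echo "pre-flight ok: $1 may be passed to enterprise-enroll.mjs"
fi
```

The host comparison is an exact string match, so a look-alike such as core.company.com.evil.example is refused along with plain http and URLs carrying a user@ prefix.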

Plans

Plan               Price       Quota
Free (Autonomous)  $0          500/day
Starter            $19/mo      100K/mo
Pro                $49/mo      300K/mo
Business           $199/mo     2M/mo
Enterprise         Contact us  Custom

Contact & Support


Update MoltGuard

To update MoltGuard to the latest version:

# Update the plugin
openclaw plugins update moltguard

# Restart to load the updated version
openclaw gateway restart

Uninstall

node ~/.openclaw/extensions/moltguard/scripts/uninstall.mjs

This removes MoltGuard config from openclaw.json, plugin files, and credentials. Restart OpenClaw to apply.
