Exec Security

Pre-execution security checker for shell commands. Detects dangerous patterns before running exec/bash tools including recursive deletion, credential leaks, data exfiltration, download-and-execute attacks, injection, Unicode obfuscation, resource exhaustion, and system file tampering. Use when executing shell commands on behalf of users, processing commands from external sources, or when the agent needs to validate command safety. NOT for read-only commands like ls/cat/grep on non-sensitive files, or commands the user explicitly typed and confirmed.

Install

openclaw skills install @yozu/exec-security