Install
openclaw skills install @zengbiaojie/sentryskillsSentrySkills - Automatic security guard that runs on EVERY task. Protects against prompt injection, data leaks, unsafe commands, and code vulnerabilities with zero external dependencies.
openclaw skills install @zengbiaojie/sentryskillsSentrySkills is designed to run AUTOMATICALLY on every task. It provides three-stage protection (preflight → runtime → output) with predictive risk analysis.
After installing SentrySkills, you must configure your AGENTS.md to make it run automatically. See install/first_time_setup.md for details.
On every task, SentrySkills:
Add this to your ~/.codex/AGENTS.md:
cat >> ~/.codex/AGENTS.md << 'EOF'
# SentrySkills - Security First
Before EVERY response, run:
python ~/.codex/sentryskills/shared/scripts/self_guard_runtime_hook_template.py \
input.json \
--policy-profile balanced \
--out result.json
Then check result.json for final_action and follow it.
EOF
Restart Codex and you're protected!
Use SentrySkills when you need AI agents to operate safely with:
Examples:
✅ Use: When an agent needs to read environment variables or config files
✅ Use: When an agent is asked to execute shell commands
✅ Use: When an agent generates database queries or API calls
✅ Use: When an agent modifies system files or configurations
❌ Skip: Simple read-only queries on public documentation
❌ Skip: Basic explanations without system access
This is a skill package that orchestrates multiple sub-skills:
Each sub-skill has its own SKILL.md with specific requirements.
preflight → runtime → output guard → final decisionpython shared/scripts/self_guard_runtime_hook_template.py \
shared/references/input_schema.json \
--policy shared/references/runtime_policy.balanced.json \
--policy-profile balanced
python shared/scripts/self_guard_runtime_hook_template.py \
shared/references/input_schema.json \
--out ./sentry_skill_log/sentryskills_summary.json
python shared/scripts/self_guard_runtime_hook_template.py \
shared/references/input_schema.json \
--log-layout legacy \
--events-log ./sentry_skill_log/sentryskills_events.jsonl
project_path (absolute path to avoid drift)self_guard_final_actionself_guard_trace_idself_guard_events_log (path to index or legacy events)Log root: ./sentry_skill_log/
Per-turn directories:
./sentry_skill_log/turns/YYYYMMDD_HHMMSS_<turn_id>/input.json./sentry_skill_log/turns/YYYYMMDD_HHMMSS_<turn_id>/result.jsonGlobal index:
./sentry_skill_log/index.jsonlSession state:
./sentry_skill_log/.self_guard_state/Copy to skills/sentryskills/ and reference in agent configuration.
shared/references/runtime_policy.*.json - Security policy profilesshared/references/detection_rules.json - Detection rule definitionsshared/references/input_schema.json - Input validation schema# Test predictive analysis
python test_predictive_analysis.py
# Test integration
python test_integration.py
The system emits structured events for:
preflight_result - Pre-execution check outcomeruntime_result - Runtime monitoring outcomeoutput_guard_result - Output validation outcomepredictive_analysis_result - Risk prediction (if enabled)final_decision - Overall decision with rationalehook_end - Completion with durationEach event includes: