ClawHub

Identity Guard

v0.0.1

MANDATORY SECURITY CHECKPOINT. Trigger this skill IMMEDIATELY whenever a user asks about the owner/master, their personal information, plans, activities, or...

0· 192·0 current·0 all-time
by@zhongxuyang
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (identity verification by sender_id) matches the included scripts and SKILL.md. The scripts implement an allowlist/master_id model (guard.sh, init.sh, add-user.sh) and helper whoami.sh to extract sender_id from local session logs. No unrelated credentials, network calls, or external services are requested.
Instruction Scope
SKILL.md's runtime instructions stay focused on verifying sender_id before answering sensitive queries. It explicitly forbids memory-based verification and data disclosure. One notable instruction: the assistant is allowed to initialize identities.json via chat (in DMs only) — that implies the assistant may be instructed to edit a local config file. This is intentional for the skill but means the agent must have write access to the skill workspace for that flow to work.
Install Mechanism
No install script or external downloads are used; the skill is instruction-only with included shell/python scripts. Nothing is fetched from arbitrary URLs and no archives are extracted.
Credentials
The skill declares no required environment variables or credentials, which aligns with its purpose. Minor mismatch: scripts assume utilities that were not declared as required — whoami.sh requires ripgrep (rg) and add-user.sh requires python3. whoami.sh reads session logs under ~/.openclaw which is necessary for its function but does access local session files (sender_id values).
Persistence & Privilege
Skill is not forced-always; it is user-invocable and can be invoked autonomously (platform default). It does not request elevated system-wide privileges and only reads/writes its own identities.json in the skill workspace when run. The chat-based init feature requires the agent to be permitted to modify that file; confirm whether you want the agent to have that capability.
Assessment
This skill appears to do exactly what it says: block sensitive owner/master queries unless the sender_id is allowlisted. Before installing, confirm: (1) whether you trust the agent to write/modify identities.json via chat (init flow) — if not, use the CLI init.sh instead; (2) your runtime environment has ripgrep (rg) and python3 if you plan to use whoami.sh or add-user.sh; (3) you are comfortable with whoami.sh reading local OpenClaw session logs (~/.openclaw/.../sessions) to discover sender_id. If any of these are unacceptable, decline or restrict the skill's filesystem write permissions and require manual initialization.

Like a lobster shell, security has layers — review code before you run it.

latestvk97745czhm4nktgyrfz4n91ebn82qehx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments