Install
openclaw skills install @zkeviny/secure-script-runnerZero‑exposure script execution using MGC Blackbox. Store scripts encrypted, execute locally, AI never sees plaintext. Supports MCP/API/WebUI execution, internal credential calls, and script sealing.
openclaw skills install @zkeviny/secure-script-runnerSecure Script Runner is a documentation skill that teaches how to execute scripts with zero plaintext exposure using MGC Blackbox.
This skill enables:
This skill contains no executable code and is safe for automatic approval.
After reading this documentation, an AI agent will understand how to:
pip install mgc-blackboxmgc (runs at http://127.0.0.1:57219)mgc_save, mgc_get, mgc_seal~/.mgc/database/mgc_black_box/.mgc_tokenImportant: For AI agents, use MCP tools. CLI may have port conflicts in some environments.
Script (plaintext) → MGC Encryption → Encrypted Storage
↓
Local Execution (MGC)
↓
AI receives result only
AI executes but never sees script plaintext.
| Mode | Interface | Use Case |
|---|---|---|
| MCP | mgc_get | AI agents |
| REST API | /api/mgc/sensitive/get | System scripts |
| WebUI | http://127.0.0.1:57218 | Human operators |
Store a script with execution metadata:
# Via MCP tool
mgc_save(
info_type="script",
info_owner="my_script",
ext01="python", # Startup command
ext02="script.py arg1", # Default runtime args
content="print('Hello from zero‑exposure!')"
)
| Parameter | Required | Description |
|---|---|---|
| info_type | Yes | Must be "script" |
| info_owner | Yes | Unique script identifier |
| ext01 | Yes | Startup command (python, node, etc.) |
| ext02 | No | Default runtime arguments |
| content | Yes | Script plaintext (encrypted at rest) |
# Execute via MCP tool
result = mgc_get(
info_type="script",
info_owner="my_script",
action="run"
)
# AI receives execution result only
curl -X POST http://127.0.0.1:57219/api/mgc/sensitive/get \
-H "Content-Type: application/json" \
-H "X-MGC-Token: $(cat ~/.mgc/database/mgc_black_box/.mgc_token)" \
-d '{
"info_type": "script",
"info_owner": "my_script",
"action": "run"
}'
Scripts can call MGC internal credentials using the internal API:
# Example: Call MGC credential from script
import urllib.request
import json
def get_mgc_credential(info_type, info_owner):
data = json.dumps({
"info_type": info_type,
"info_owner": info_owner
}).encode("utf-8")
req = urllib.request.Request(
"http://127.0.0.1:57219/api/mgc/sensitive/get",
data=data,
headers={
"Content-Type": "application/json",
"X-MGC-Token": open("/path/to/token").read()
},
method="POST"
)
with urllib.request.urlopen(req) as resp:
return json.loads(resp.read().decode())["data"]
Note: Credentials are retrieved locally, script executes locally, AI never sees plaintext.
For cross‑node delegation, scripts can be sealed using the node's public key:
# Via MCP tool
node_pub = mgc_get(
info_type="__NODE_PUB__",
info_owner="__NODE_PUB__"
)
# Via MCP tool
sealed = mgc_seal(
info_type="script",
info_owner="my_script",
ext04=node_pub # Target node public key
)
# Store sealed version
mgc_save(
info_type="script",
info_owner="my_script_sealed",
ext01="python",
content=sealed
)
Sealed scripts are encrypted and can only be executed by the target node.
Arguments:
{
"info_type": "script",
"info_owner": "unique identifier",
"ext01": "startup command (python, node, etc.)",
"ext02": "default runtime arguments",
"content": "script plaintext"
}
Arguments:
{
"info_type": "script",
"info_owner": "script identifier",
"action": "get | run"
}
Returns: Script content or execution result
Arguments:
{
"info_type": "script",
"info_owner": "script identifier",
"ext04": "target node RSA public key"
}
Returns: Sealed script (encrypted with target node key)