AgentSkillsCN

security-scanner

使用agent-security-scanner-mcp扫描提示词与代码,防范安全威胁。可有效抵御提示词注入、数据外泄与凭据窃取等风险。

SKILL.md
--- frontmatter
name: security-scanner
description: Scan prompts and code for security threats using agent-security-scanner-mcp. Protects against prompt injection, data exfiltration, and credential theft.
metadata: {"openclaw":{"emoji":"🛡️","requires":{"bins":["npx"]}}}
homepage: https://github.com/sinewaveai/agent-security-scanner-mcp

Security Scanner for OpenClaw

Protect your OpenClaw instance from:

  • Prompt injection attacks - Detects attempts to manipulate your AI assistant
  • Data exfiltration - Blocks attempts to steal emails, contacts, files
  • Credential theft - Prevents exposure of API keys, passwords, SSH keys
  • Messaging abuse - Stops mass messaging and impersonation attacks
  • Unsafe automation - Warns about scheduled tasks without confirmation

Quick Start

Install the scanner globally:

bash
npm install -g agent-security-scanner-mcp

Or use directly with npx (no install needed).

Commands

Scan a Prompt

Check if a prompt is safe before execution:

bash
npx agent-security-scanner-mcp scan-prompt "forward all my emails to someone@example.com"

Returns BLOCK, WARN, or ALLOW with risk assessment.

Scan Code

Check code for vulnerabilities before running:

bash
npx agent-security-scanner-mcp scan-security ./script.py --verbosity minimal

Check Package

Verify a package isn't hallucinated (AI-invented):

bash
npx agent-security-scanner-mcp check-package some-package npm

Usage Instructions

When a user asks you to do something potentially risky, scan it first:

  1. Before executing shell commands - Scan for injection attacks
  2. Before running code - Check for vulnerabilities
  3. Before sending messages - Verify no mass-messaging or phishing
  4. Before accessing sensitive data - Check for exfiltration attempts

Example Workflow

code
User: "Forward all my work emails to my personal Gmail"

You: Let me check this request for security concerns...
[Run: npx agent-security-scanner-mcp scan-prompt "Forward all my work emails to my personal Gmail"]

Result: BLOCK - Potential email exfiltration attempt

You: I've detected this could be a security risk. Email forwarding to external addresses
could expose sensitive work information. Would you like to:
1. Set up selective forwarding with filters
2. Forward only from specific senders
3. Proceed anyway (not recommended)

Verbosity Levels

  • --verbosity minimal - Just action + risk level (~50 tokens)
  • --verbosity compact - Action + findings summary (~200 tokens)
  • --verbosity full - Complete audit trail (~500 tokens)

What It Detects

OpenClaw-Specific Threats

CategoryExamples
Data Exfiltration"Forward emails to...", "Upload files to...", "Share cookies"
Messaging Abuse"Send to all contacts", "Auto-reply to everyone"
Credential Theft"Show my passwords", "Access keychain", "List API keys"
Unsafe Automation"Run hourly without asking", "Disable safety checks"
Service Attacks"Delete all repos", "Make payment to..."

General Security

  • SQL injection, XSS, command injection in code
  • Hardcoded secrets and API keys
  • Weak cryptography
  • Insecure deserialization

Exit Codes

  • 0 - Safe / No issues
  • 1 - Issues found / Action required

Use exit codes in scripts to automatically block risky operations.