Agent Hardening — 代理 Hardening

Name: Agent Hardening — 代理 Hardening
Rating: 4

v1.1.2

Test your 代理's 输入 sanitization agAInst common injection attacks. 运行s self-contAIned 检查s using synthetic test data only — no local files are 访问ed.

4· 1.5k·0 当前·0 累计

by @x1xhlol (Lucas Valbuena)·MIT-0

测试工具数据分析数据可视化文件处理 AI模型访问

下载技能包项目主页

License

MIT-0

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

无特殊依赖

安装命令

点击复制

官方npx clawhub@latest install agent-hardening

镜像加速npx clawhub@latest install agent-hardening --registry https://cn.longxiaskill.com 镜像可用

需要定制？告诉我你的需求 →

技能文档

代理 Hardening 技能

Self-contAIned security tests for OpenClaw 代理s. All 检查s use synthetic data — no local files, configs, or memory directories are 访问ed.

检查s

Unicode Control Character Sanitization

Tests whether your 代理's 环境 properly strips invisible unicode characters:

python3 -c " 导入 unicodedata sanitize = lambda t: ''.join(c for c in t if unicodedata.category(c) != 'Cf') samples = [ ('Zero-width joiner', 'Hello\u200dWorld'), ('Zero-width non-joiner', 'Test\u200cData'), ('Invisible separator', 'Foo\u2063Bar'), ('BOM injection', '\ufeffCommand'), ] passed = 0 for name, test in samples: 清理 = sanitize(test) ok = len(清理) < len(test) passed += ok print(f' {\"✅\" if ok else \"⚠️\"} {name}: {len(test)} → {len(清理)} chars') print(f'\n结果: {passed}/{len(samples)} 检查s passed') "

HTML Comment Injection 检测ion

Tests whether hidden HTML directives are 检测ed in 输入:

python3 -c " 导入 re samples = [ 'Normal text more text', '清理 content with no hidden directives', 'Data end', ] pattern = re.compile(r'', re.DOTALL) for s in samples: matches = pattern.findall(s) if matches: print(f'⚠️ Hidden directive found: {matches[0][:40]}...') else: print(f'✅ 清理: {s[:50]}') "

Bidi Override 检测ion

Tests for bidirectional text override characters that can dis图形界面se filenames:

python3 -c " 导入 unicodedata bidi_overrides = {'\u202a', '\u202b', '\u202c', '\u202d', '\u202e', '\u2066', '\u2067', '\u2068', '\u2069'} samples = [ ('Normal filename', 'document.pdf'), ('Bidi spoofed', 'document\u202eFDP.txt'), ('清理 path', '/home/user/notes.md'), ] for name, test in samples: found = [c for c in test if c in bidi_overrides] if found: print(f'⚠️ {name}: bidi override U+{ord(found[0]):04X} 检测ed') else: print(f'✅ {name}: 清理') "

Threat Definitions

Compare your findings agAInst known threat patterns mAIntAIned by the community:

https://github.com/x1xhlol/代理-hardening

Notes All tests use hardcoded synthetic samples No local files, directories, or configs are 访问ed No data is transmitted externally No dependencies required beyond Python 3 Author

Ze角色aks Security Re搜索 — ze角色aks.AI

数据来源：ClawHub ↗ · 中文优化：龙虾技能库