📦 Guardian Wall — 防注入盾

v1.0.0

拦截提示注入攻击，自动屏蔽外部网页或文件中的恶意指令，净化输入后再送入大模型，保障对话安全。

0· 317·0 当前·0 累计

by @1999azzar (azzar budiyanto)

安全 AI模型访问文件处理

下载技能包

最后更新

2026/3/1

安全扫描

VirusTotal

无害

查看报告

OpenClaw

安全

high confidence

The skill is internally consistent with its stated purpose (sanitizing and detecting prompt-injection), includes a local sanitizer script and defensive guidance, and does not request unrelated credentials or install external code.

评估建议

This skill appears coherent and implements a local sanitizer plus a reference of injection patterns. Before installing, consider: (1) Review scripts/sanitize.py yourself — it decodes and prints portions of Base64 it finds, which will surface any sensitive data embedded in inputs; (2) Limit what the 'audit' sub-agent can access and audit its permissions before allowing autonomous spawning; (3) Test the sanitizer on representative malicious/benign samples to tune false positives (homoglyph and bas...

详细分析 ▾

✓ 用途与能力

Name/description, SKILL.md, patterns.md, and scripts/sanitize.py all align: the package's assets are exactly what you'd expect for a prompt-injection sanitizer and auditor. No unrelated env vars, binaries, or installs are requested.

ℹ 指令范围

SKILL.md stays on-purpose (sanitize, wrap in randomized delimiters, optionally spawn an audit sub-agent). The recommendation to spawn a sub-agent for high-stakes content is reasonable but can expand the blast radius depending on that sub-agent's privileges — the skill itself doesn't define that sub-agent's scope.

✓ 安装机制

No install spec (instruction-only) and the included Python script is shipped with the skill. Nothing is downloaded from external or untrusted URLs.

ℹ 凭证需求

The skill requests no credentials or config paths. Minor note: scripts/sanitize.py decodes Base64 matches and prints fragments of the decoded content, which could reveal any sensitive text embedded in the external input (this is by design for detection but could surface secrets if an input contains them).

✓ 持久化与权限

always:false and user-invocable:true (normal). The skill does not request permanent presence, nor does it modify other skills or system-wide settings.

安全有层次，运行前请审查代码。

运行时依赖

无特殊依赖

版本

latestv1.0.02026/3/1

Initial release of guardian-wall skill

● 无害

安装命令

点击复制

官方npx clawhub@latest install guardian-wall-azzar

镜像加速npx clawhub@latest install guardian-wall-azzar --registry https://cn.longxiaskill.com

数据来源：ClawHub ↗ · 中文优化：龙虾技能库