📦 Sentinel - AI Agent State Guardian — 实用工具
v1.0.1和 self-healing 用于 AI agent workspaces. Detects unexpected changes, creates automatic backups, self-heals from corr...
0· 274·0 当前·0 累计
by 安全扫描
OpenClaw
安全
high confidenceThis package is internally consistent with its stated purpose: a local-only file integrity/backup/restore tool that requires filesystem access to the configured workspace and backup locations but does not request credentials or network access by default.
评估建议
This skill appears to do what it says: local monitoring, backup, manifest, and restore. Before installing or running it, do the following: 1) Review and edit sentinel_config.py to point WORKSPACE_ROOT only at the workspace you intend to monitor (do NOT set it to / or other system-wide paths). 2) Set BACKUP_DIR to a location with sufficient space, ideally on a separate disk or encrypted volume; be aware backups are stored unencrypted and can contain secrets. 3) Set STATE_FILE, LOG_FILE, and ALERT...详细分析 ▾
✓ 用途与能力
Name/description match implementation: code scans a configured WORKSPACE_ROOT, computes hashes, writes a state file, creates timestamped backups, and offers restore/manifest tools. No unrelated cloud or service credentials are requested and required files and operations align with a backup/integrity tool.
ℹ 指令范围
SKILL.md and code instruct the agent to copy config_example.py to sentinel_config.py and then scan the configured workspace recursively. That means the tool will read any files under WORKSPACE_ROOT and write to BACKUP_DIR and STATE_FILE — expected for this purpose, but potentially wide in scope if WORKSPACE_ROOT is misconfigured (e.g., set to /). The instructions advise running as a service; nothing in SKILL.md asks the agent to read unrelated system credentials or external files.
✓ 安装机制
No install spec or external dependencies; code is pure Python stdlib. There is no remote download or archive extraction. This is low risk from supply-chain/install perspective.
ℹ 凭证需求
The skill requests no environment variables or external credentials (ok). It does, however, require write/read access to user-specified filesystem paths (WORKSPACE_ROOT, BACKUP_DIR, STATE_FILE, LOG_FILE, ALERT_FILE). Those locations may contain secrets or sensitive files; storing backups in plain form (no encryption) is documented as a limitation and is expected but important to note.
ℹ 持久化与权限
Skill is not always-enabled and is user-invocable. It can be run continuously or installed as a systemd/launchd service (documented), which grants it persistent filesystem activity. AUTO_RESTORE_ON_CORRUPTION defaults to True in examples — this can cause automatic overwrites/restores if enabled, so users should test with AUTO_RESTORE disabled until confident.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
安装命令
点击复制官方npx clawhub@latest install sentinel
镜像加速npx clawhub@latest install sentinel --registry https://cn.longxiaskill.com镜像同步中