Skill

Skill Sentinel

Protects against malicious or compromised OpenClaw skills by auditing newly installed skills before first use, detecting red-flag patterns, and enforcing har...

Verified: 2026-05-15 (clawhub-ingest-2026-05-15+enrich-capability-skill)

When to use Skill Sentinel

Choose if

You operate an OpenClaw / agent host that installs third-party skills and want a quarantine-and-review layer before first execution — file-content exfil detection, credential transmission alarms, persistent-job pattern detection, scope-binding to stated trigger area, plus transparent audit trails. Best as an installation-time gate.

Avoid if

You expect a fully automated security guarantee — the README is explicit that Sentinel is not a substitute for human review of skill source. Also avoid on hosts that don't model SOUL.md / AGENTS.md / MEMORY.md or similar protected files; some hard-boundary checks won't apply.

Risk Flags

MEDIUM scope README explicitly states the sentinel "raises the bar but isn't foolproof" — only personal review of trusted-source skills is the real safeguard. Treating Sentinel as authoritative defense is unsafe.
LOW scope README hard-coded boundaries protect specific files (SOUL.md, AGENTS.md, MEMORY.md) and forbid unconfigured external exfil, credential transmission, unapproved cron jobs, and unauthorized shell commands — out of scope for users on hosts without those file primitives.

Cost

Type: Free

Distribution

ClawHub: skill-hardfloor
License: MIT-0

Use Skill Sentinel from your agent

claude mcp add auxiliar -- npx auxiliar-mcp
# Then in your agent:
get_capability(id="clawhub-skill-hardfloor")