skillshield

Sandboxed command runner for AI agents — validates and isolates every shell action inside a Bubblewrap user namespace.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "skillshield" with this command: npx skills add star8592/skillshield-openclaw

skillshield

Sandboxed command runner for AI agents — validates and isolates every shell action inside a Bubblewrap user namespace.

SkillShield sits between your AI agent and the operating system. Before any shell command runs, a lightweight Rust daemon checks it against a set of safety rules and decides whether to allow it, sandbox it, or ask for your confirmation. Every decision is logged so you always know what happened.

What it does

  1. Validates commands — checks each shell request against configurable rules before execution.
  2. Isolates execution — runs approved commands inside a Bubblewrap sandbox with a minimal, read-only root filesystem.
  3. Limits repetition — stops agents that get stuck in a loop and start consuming too many resources.
  4. Logs decisions — every action (allowed, sandboxed, or paused for review) is recorded with structured metadata.

How to use

# Install from ClawHub
npx clawhub@latest install skillshield-openclaw

# Run a command through the safety layer
./skillshield-exec.sh "echo hello world"

Requirements

DependencyPurpose
LinuxUser-namespace support
bwrapBubblewrap sandbox runtime
cargoBuilds the Rust daemon on first run

Links

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Mermaid 转飞书图片 Canvas 渲染版

自动将 Mermaid 代码通过浏览器 Canvas 渲染为 PNG 图片并上传发送到飞书对话,实现图表可视化展示。

Registry SourceRecently Updated
3880Profile unavailable
Security

Feishu Doc Block Writer

Generate/edit images with Nano Banana Pro (Gemini 3 Pro Image). Use for image create/modify requests incl. edits. Supports text-to-image + image-to-image; 1K...

Registry SourceRecently Updated
3400Profile unavailable
Security

Claude Agent

作为项目经理操作 Claude Code 完全体。包含:任务执行(提示词设计→执行→监控→质量检查→迭代→汇报)。通过 tmux 操作交互式 CLI,通过 hooks + pane monitor 实现异步唤醒。NOT for: 简单单行编辑(用 edit)、读文件(用 read)、快速问答(直接回答)。

Registry SourceRecently Updated
2790Profile unavailable
Security

OpenClaw Security Configurator

为OpenClaw提供企业级安全配置和监控功能,解决高系统权限带来的安全风险,符合金融合规要求。

Registry SourceRecently Updated
2120Profile unavailable