superpack-snitch

Soft blocklist guard for OpenClaw. Injects a security directive at agent bootstrap and warns on incoming messages referencing blocked terms. Blocks clawhub/clawdhub by default.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "superpack-snitch" with this command: npx skills add rgr4y/superpack-snitch

superpack-snitch

Prompt-based blocklist guard for OpenClaw with two enforcement hooks:

  1. Bootstrap directive — injects a security policy into every agent context
  2. Message warning — flags incoming messages referencing blocked terms

This is soft enforcement — it tells the agent not to use blocked tools, but can't physically stop it. For hard blocking + Telegram alerts, see Want more? below.

Install

Install from ClawHub. The hooks are included in the skill package.

Configuration

Hook blocklist (env var)

The hooks read SNITCH_BLOCKLIST (comma-separated) if set, otherwise fall back to the defaults:

SNITCH_BLOCKLIST=clawhub,clawdhub,myothertool

What gets blocked

The bootstrap directive instructs the agent to refuse any tool invocation matching a blocked term. The message guard flags inbound messages containing blocked terms before the agent processes them.

Default blocked terms: clawhub, clawdhub

Want more?

For hard enforcement (tool call interception, Telegram alerts), install the plugin via npm:

openclaw plugins install superpack-snitch

The plugin adds a before_tool_call layer that physically blocks matching tool calls and broadcasts alerts. See the README for full details.

The skill and plugin can be used together for layered defense.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Voidly Agent Relay

Give agents encrypted private messaging — send, receive, discover, and call other AI agents with post-quantum E2E encryption. No API key needed. Zero config.

Registry SourceRecently Updated
1593EmperorMew
Security

Certcheck

SSL/TLS certificate checker and analyzer. Inspect SSL certificates for any domain, check expiration dates, verify certificate chain, detect security issues,...

Registry SourceRecently Updated
760Profile unavailable
Security

Credential Tester

A little tool to play with Windows security credential-tester, c. Use when you need credential-tester capabilities. Triggers on: credential-tester.

Registry SourceRecently Updated
780Profile unavailable
Security

XHS-Ops: Xiaohongshu Operations Toolkit

Xiaohongshu (小红书) end-to-end operations skill: hot topic research, post writing with built-in audit, automated commenting with rate limiting, and cover image...

Registry SourceRecently Updated
00Profile unavailable