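🛡️ AgentSentinel Safety Layer: Agent Safety Guardrails
v0.1.2
Local-first budget and policy guardrails that intercept out-of-scope or over-budget agent actions in real time, with optional sync to the AgentSentinel cloud for unified security governance across multiple agents.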
Security scan
OpenClaw
Safe
Medium confidence
The skill's code, runtime instructions, and required credential are consistent with a local-first policy/budget guardrail that only uploads telemetry when an API key and explicit sync are used, though there are a few minor undeclared environment variables and privacy considerations to review before enabling cloud sync.
Assessment and recommendations
This skill appears to do what it says: local checks and local budget tracking by default, with an explicit opt-in sync to AgentSentinel when you set AGENT_SENTINEL_API_KEY and run the sync command. Before enabling cloud sync, consider: 1) review callguard.yaml to ensure policies don't inadvertently capture sensitive commands; events include the command string and will be uploaded during sync; 2) AGENT_SENTINEL_AGENT_ID (optional) may be included in uploads — avoid setting it if you don't want an...
✓ Purpose and capabilities
The name/description match the implementation: local policy and budget enforcement, local state and events, and an opt-in sync to https://api.agentsentinel.dev. Required runtime (python3) and primary credential (AGENT_SENTINEL_API_KEY) are appropriate for the claimed cloud-sync feature.
✓ Instruction scope
Runtime instructions (bootstrap, check, status, reset, sync) operate only on the workspace callguard.yaml and the per-user .agent-sentinel state/events files. The code does not execute the provided command string; it only checks it. Remote network activity is explicit (sync) and disclosed in SKILL.md.
✓ Install mechanism
No install spec is provided (instruction-only skill) and the wrapper is pure Python using stdlib HTTP. No external downloads or package installs are performed by the skill bundle.
ℹ Credential requirements
PrimaryEnv AGENT_SENTINEL_API_KEY is declared and used only for sync. However, the code also reads AGENT_SENTINEL_HOME (to locate state/events) and AGENT_SENTINEL_AGENT_ID (included as agent_id in the uploaded payload) without those being declared in requires.env. Uploaded events include the command string and other details — enabling cloud sync will transmit that data to the platform.
✓ Persistence and privileges
The skill writes only its own state and events under .agent-sentinel (or AGENT_SENTINEL_HOME) and may create callguard.yaml in the workspace via bootstrap. always:false and normal autonomous invocation are in effect; the skill does not modify other skills or system-wide configs.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Versions
latest · v0.1.2 · 2026/2/1
AgentSentinel skill v0.1.2
- Added initial implementation files, including sentinel_wrapper.py and test_wrapper.py.
- Introduced local-first budget and policy guardrails for agent actions.
- Integrated command-line interface for policy checks, status reporting, sync, and session resets.
- Provided optional remote sync to AgentSentinel cloud triggered by API key and explicit sync command.
- Added documentation on usage, commands, configuration, security, and product scope.
● Benign
Install command
Official: npx clawhub@latest install agent-sentinel
Mirror (accelerated): npx clawhub@latest install agent-sentinel --registry https://cn.longxiaskill.com