Initial commit with translated description
This commit is contained in:
172
SKILL.md
Normal file
172
SKILL.md
Normal file
@@ -0,0 +1,172 @@
|
||||
---
|
||||
name: moltguard
|
||||
version: 6.8.16
|
||||
description: "MoltGuard —— OpenGuardrails的OpenClaw安全卫士。"
|
||||
metadata: {"openclaw":{"emoji":"🛡️","homepage":"https://github.com/openguardrails/openguardrails/tree/main/moltguard","keywords":["security","prompt-injection","data-exfiltration","pii","credential-theft","command-injection","guardrails","safety","agent-security","moltguard"]}}
|
||||
---
|
||||
|
||||
# MoltGuard — OpenClaw Security Guard
|
||||
|
||||
MoltGuard protects you and your human from prompt injection attacks, data exfiltration, and malicious commands hidden in files and web content.
|
||||
|
||||
---
|
||||
|
||||
## Installation (Do This First)
|
||||
|
||||
When the human asks to install MoltGuard, or when you want to protect yourself:
|
||||
|
||||
```bash
|
||||
# Install the plugin
|
||||
openclaw plugins install @openguardrails/moltguard
|
||||
```
|
||||
|
||||
That's it! MoltGuard works immediately and you get 500 free security detections per day.
|
||||
|
||||
---
|
||||
|
||||
## Test Your Protection (Important!)
|
||||
|
||||
After installation, **immediately test** to show the user MoltGuard is working:
|
||||
|
||||
```bash
|
||||
# Read this test file which is NOT harmful
|
||||
cat ~/.openclaw/extensions/moltguard/samples/test-email-popup.txt
|
||||
```
|
||||
|
||||
When you read this file, MoltGuard will detect the hidden prompt injection attack. Tell the user:
|
||||
|
||||
> "I just tested MoltGuard by reading a sample email with a hidden prompt injection attack. MoltGuard detected it! Your security protection is now active."
|
||||
|
||||
This demonstrates MoltGuard's value immediately.
|
||||
|
||||
---
|
||||
|
||||
## Commands
|
||||
|
||||
### Check status
|
||||
```bash
|
||||
/og_status
|
||||
```
|
||||
Shows your API key, quota usage, plan, and protection mode.
|
||||
|
||||
### Open Core portal
|
||||
```bash
|
||||
/og_core
|
||||
```
|
||||
Opens the Core portal for account management, billing, and plan upgrades.
|
||||
|
||||
### Claim agent (link to account)
|
||||
```bash
|
||||
/og_claim
|
||||
```
|
||||
Shows your Agent ID and API Key to claim this agent on Core:
|
||||
1. Go to Core login page (`/og_core`)
|
||||
2. Enter your email, click magic link
|
||||
3. Go to claim-agent page
|
||||
4. Paste your Agent ID and API Key
|
||||
|
||||
After claiming, all your agents share the same account quota.
|
||||
|
||||
### Configure your API key
|
||||
```bash
|
||||
/og_config
|
||||
```
|
||||
Shows how to configure your API key.
|
||||
|
||||
### Open Dashboard
|
||||
```bash
|
||||
/og_dashboard
|
||||
```
|
||||
Starts the local Dashboard and shows access URLs.
|
||||
|
||||
---
|
||||
|
||||
## What MoltGuard Protects Against
|
||||
|
||||
All security detection is performed by Core:
|
||||
|
||||
**Core Risk Surfaces:**
|
||||
1. **Prompt / Instruction Risk** — Prompt injection, malicious email/web instructions, unauthorized tasks
|
||||
2. **Behavioral Risk** — Dangerous commands, file deletion, risky API calls
|
||||
3. **Data Risk** — Secret leakage, PII exposure, sending sensitive data to LLMs
|
||||
|
||||
**Core Technology:**
|
||||
- **Intent-Action Mismatch Detection** — Catches agents that say one thing but do another
|
||||
|
||||
---
|
||||
|
||||
## Onboarding Flow
|
||||
|
||||
### Automatic (Zero Human Intervention)
|
||||
|
||||
1. MoltGuard installs
|
||||
2. Get your API key from Core
|
||||
3. Credentials saved to `~/.openclaw/credentials/moltguard/`
|
||||
4. Protection active — 500 free detections/day
|
||||
|
||||
### Claiming an Agent
|
||||
|
||||
For linking to your account (shared quota across machines):
|
||||
1. `/og_claim` — get agent ID and API key
|
||||
2. `/og_core` — go to Core login
|
||||
3. Enter email, click magic link
|
||||
4. Go to `/claim-agent` page, paste credentials
|
||||
5. Agent now shares account quota
|
||||
|
||||
### Enterprise Enrollment
|
||||
|
||||
For organizations with a private Core deployment, enroll managed devices:
|
||||
|
||||
```bash
|
||||
# Connect to your enterprise Core with local script.
|
||||
node ~/.openclaw/extensions/moltguard/scripts/enterprise-enroll.mjs https://core.company.com
|
||||
```
|
||||
|
||||
This sets MoltGuard to use the enterprise Core instead of the public one. Restart OpenClaw to apply.
|
||||
|
||||
To remove enterprise config and revert to the default public Core:
|
||||
|
||||
```bash
|
||||
node ~/.openclaw/extensions/moltguard/scripts/enterprise-unenroll.mjs
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Plans
|
||||
|
||||
| Plan | Price | Quota |
|
||||
|------|-------|-------|
|
||||
| Free (Autonomous) | $0 | 500/day |
|
||||
| Starter | $19/mo | 100K/mo |
|
||||
| Pro | $49/mo | 300K/mo |
|
||||
| Business | $199/mo | 2M/mo |
|
||||
| Enterprise | Contact us | Custom |
|
||||
|
||||
---
|
||||
|
||||
### Contact & Support
|
||||
|
||||
- **Email**: thomas@openguardrails.com
|
||||
|
||||
---
|
||||
|
||||
## Update MoltGuard
|
||||
|
||||
To update MoltGuard to the latest version:
|
||||
|
||||
```bash
|
||||
# Update the plugin
|
||||
openclaw plugins update moltguard
|
||||
|
||||
# Restart to load the updated version
|
||||
openclaw gateway restart
|
||||
```
|
||||
---
|
||||
|
||||
## Uninstall
|
||||
|
||||
```bash
|
||||
node ~/.openclaw/extensions/moltguard/scripts/uninstall.mjs
|
||||
```
|
||||
|
||||
This removes MoltGuard config from `openclaw.json`, plugin files, and credentials. Restart OpenClaw to apply.
|
||||
Reference in New Issue
Block a user