skills/thomaslwang_moltguard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2d54ef0d1f4cb77eba03249c293461949c3a28ff
thomaslwang_moltguard/SKILL.md

173 lines
4.3 KiB
Markdown
Raw Blame History

---
name: moltguard
version: 6.8.16
description: "MoltGuard —— OpenGuardrails的OpenClaw安全卫士。"
metadata: {"openclaw":{"emoji":"🛡️","homepage":"https://github.com/openguardrails/openguardrails/tree/main/moltguard","keywords":["security","prompt-injection","data-exfiltration","pii","credential-theft","command-injection","guardrails","safety","agent-security","moltguard"]}}
---
# MoltGuard — OpenClaw Security Guard
MoltGuard protects you and your human from prompt injection attacks, data exfiltration, and malicious commands hidden in files and web content.
---
## Installation (Do This First)
When the human asks to install MoltGuard, or when you want to protect yourself:
```bash
# Install the plugin
openclaw plugins install @openguardrails/moltguard
```
That's it! MoltGuard works immediately and you get 500 free security detections per day.
---
## Test Your Protection (Important!)
After installation, **immediately test** to show the user MoltGuard is working:
```bash
# Read this test file which is NOT harmful
cat ~/.openclaw/extensions/moltguard/samples/test-email-popup.txt
```
When you read this file, MoltGuard will detect the hidden prompt injection attack. Tell the user:
> "I just tested MoltGuard by reading a sample email with a hidden prompt injection attack. MoltGuard detected it! Your security protection is now active."
This demonstrates MoltGuard's value immediately.
---
## Commands
### Check status
```bash
/og_status
```
Shows your API key, quota usage, plan, and protection mode.
### Open Core portal
```bash
/og_core
```
Opens the Core portal for account management, billing, and plan upgrades.
### Claim agent (link to account)
```bash
/og_claim
```
Shows your Agent ID and API Key to claim this agent on Core:
1. Go to Core login page (`/og_core`)
2. Enter your email, click magic link
3. Go to claim-agent page
4. Paste your Agent ID and API Key
After claiming, all your agents share the same account quota.
### Configure your API key
```bash
/og_config
```
Shows how to configure your API key.
### Open Dashboard
```bash
/og_dashboard
```
Starts the local Dashboard and shows access URLs.
---
## What MoltGuard Protects Against
All security detection is performed by Core:
**Core Risk Surfaces:**
1. **Prompt / Instruction Risk** — Prompt injection, malicious email/web instructions, unauthorized tasks
2. **Behavioral Risk** — Dangerous commands, file deletion, risky API calls
3. **Data Risk** — Secret leakage, PII exposure, sending sensitive data to LLMs
**Core Technology:**
- **Intent-Action Mismatch Detection** — Catches agents that say one thing but do another
---
## Onboarding Flow
### Automatic (Zero Human Intervention)
1. MoltGuard installs
2. Get your API key from Core
3. Credentials saved to `~/.openclaw/credentials/moltguard/`
4. Protection active — 500 free detections/day
### Claiming an Agent
For linking to your account (shared quota across machines):
1. `/og_claim` — get agent ID and API key
2. `/og_core` — go to Core login
3. Enter email, click magic link
4. Go to `/claim-agent` page, paste credentials
5. Agent now shares account quota
### Enterprise Enrollment
For organizations with a private Core deployment, enroll managed devices:
```bash
# Connect to your enterprise Core with local script.
node ~/.openclaw/extensions/moltguard/scripts/enterprise-enroll.mjs https://core.company.com
```
This sets MoltGuard to use the enterprise Core instead of the public one. Restart OpenClaw to apply.
To remove enterprise config and revert to the default public Core:
```bash
node ~/.openclaw/extensions/moltguard/scripts/enterprise-unenroll.mjs
```
---
## Plans
| Plan | Price | Quota |
|------|-------|-------|
| Free (Autonomous) | $0 | 500/day |
| Starter | $19/mo | 100K/mo |
| Pro | $49/mo | 300K/mo |
| Business | $199/mo | 2M/mo |
| Enterprise | Contact us | Custom |
---
### Contact & Support
- **Email**: thomas@openguardrails.com
---
## Update MoltGuard
To update MoltGuard to the latest version:
```bash
# Update the plugin
openclaw plugins update moltguard
# Restart to load the updated version
openclaw gateway restart
```
---
## Uninstall
```bash
node ~/.openclaw/extensions/moltguard/scripts/uninstall.mjs
```
This removes MoltGuard config from `openclaw.json`, plugin files, and credentials. Restart OpenClaw to apply.
Reference in New Issue View Git Blame Copy Permalink