Safety Guide
How to use OpenClaw skills without compromising your system.
The Sentinel's Guarantee
Every Soul, Skill, and Product in this directory has been manually audited for the "Lethal Trifecta":
- •Static Analysis: We scan for dangerous shell commands (rm, sudo, chmod) hidden in prompts.
- •Permissions Check: We verify that the declared manifest matches the actual code behavior.
- •Exfiltration Audit: We flag any persona that attempts to send your local data to third-party endpoints.
The Reality Check
Verification is a filter, not a bulletproof vest. Prompt injection is a "cat and mouse" game. Even a "Verified Safe" Soul can be tricked by a cleverly crafted external input (like a malicious email).
The Rules of Engagement:
- •Docker is Non-Negotiable: If you run OpenClaw directly on your host machine, you are asking for trouble. Keep it in a container.
- •Air-Gap Your Identity: Do not give an agent full access to your primary Gmail. Use the "Shadow Account" strategy.
- •Human-in-the-Loop: Never enable auto-execute for shell commands or emails. If the bot wants to run a script, it needs your y/n.
The Golden Rule
Never run a skill without reading its source code first. Skills are community-created and can do anything on your machine. Take 30 seconds to check the GitHub link.
Understanding Ratings
Red Flags to Watch For
- ×Downloads files from external URLs
- ×Executes shell commands without explanation
- ×Accesses system directories (/etc, /usr, etc.)
- ×Sends data to unknown servers
- ×Requests admin/root privileges
- ×Obfuscated or minified code
If Something Goes Wrong
- 1Press Ctrl+C to stop immediately
- 2Run git diff to see what changed
- 3Revoke any API keys it accessed
- 4Report the skill on GitHub
Before Running Any Skill
The Legal Bit
This directory is provided "as-is." While we bust our ass to ensure these souls aren't malicious, the final execution happens on your hardware. If a soul ignores its guardrails and nukes your environment because you didn't sandbox it, that's on you. Stay sharp. Stay sandboxed.