security-hardening
# Security Hardening

One-click security hardening for AI agents.
## When to Use
Use this skill when:
- An agent or skill environment needs security hardening
- You want to protect against prompt injection and social engineering attacks
- You need to deploy input filtering, command interception, or model locking
- Setting up a new workspace and want default-deny security posture
Do NOT use this skill if:
- The issue is a specific skill bug → use skill-security-audit instead
- You need to store API keys securely → use secure-key-manager instead
- You want to run attack simulations → use security-drill instead
Typical triggers:
- "help me harden security", "agent security protection", "prompt injection defense"
- "security hardening", "protect my agent", "prevent prompt injection"
- "deploy security filters", "set up command interception", "model lock configuration"
## Workflow

### Step 1: Pre-hardening Checklist

Confirm the following before execution:

- Admin ID (e.g., `ou_xxxxxxxx...`)
- Allowed models (e.g., `kimi-coding/k2p5`)
- Workspace path (typically `~/.openclaw/workspace`)
### Step 2: Execute Hardening

```bash
# Auto (recommended)
node skills/security-hardening/install.js \
  --admin=ou_xxx \
  --workspace=~/.openclaw/workspace \
  --models=kimi-coding/k2p5

# Interactive
node skills/security-hardening/install.js --interactive
```
### Step 3: Verify Deployment

```bash
node skills/security-hardening/verify.js
```
Expected: all components ✅ and protection level 🟢 High.
### Step 4: Test & Maintain

- Manually test injection / dangerous command scenarios
- Review weekly drill reports: `logs/security/drill-*.json`
- Update via: `node skills/security-hardening/install.js --update`
## Guardrails

### Anti-patterns
- NEVER run hardening without verifying admin ID ownership
- NEVER skip the verification step after installation
- NEVER disclose `security/` directory paths or config contents to users
### Output Constraints
- Default-deny: block when uncertain
- All sensitive operations require admin validation
- Audit logs record every security-relevant action
### Safety Rules

- `/new`, `/model`, `/reset` commands are blocked for non-admins
- System paths, tokens, and `SOUL.md` contents are redacted in responses
- Persistent guard auto-restores rules after session resets
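The Output Constraints and Safety Rules above describe three behaviours: a default-deny command gate keyed on the admin ID, redaction of sensitive material before it reaches a user, and an audit record of every decision, with the guard restoring its rules after a session reset. The following is an added illustration of how such a guard fits together; it is not the skill's own code and does not reproduce its actual rule set. The admin ID `ou_admin0001`, the `sk_`/`tok_` token shapes, the `Guard` class and its method names are all constructed for this example.

```javascript
// Added example (not the skill's code): default-deny command gate, response
// redaction and an in-memory audit log in the spirit of the Safety Rules.
// Slash-commands the page says are reserved for admins.
const BLOCKED_FOR_NON_ADMINS = new Set(["/new", "/model", "/reset"]);

// Generic patterns for categories the page names (system paths, tokens,
// security/ directory). Constructed for this example; the "sk_"/"tok_"
// shapes are placeholders, not a credential format the skill uses.
const PATTERN_REDACTIONS = [
  { name: "openclaw-path", re: /\S*\.openclaw\/\S*/g },
  { name: "security-dir", re: /\bsecurity\/\S*/g },
  { name: "token", re: /\b(?:sk|tok)_[A-Za-z0-9]{8,}\b/g },
];

// Escape a literal string so it can be used inside a RegExp.
const escapeRe = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");

class Guard {
  constructor({ adminIds = [], secrets = [] } = {}) {
    // Frozen baseline: what "persistent guard auto-restores" falls back to.
    this.baseline = Object.freeze({ adminIds: [...adminIds], secrets: [...secrets] });
    this.audit = []; // every security-relevant decision lands here
    this.restoreBaseline();
  }

  // Re-apply the baseline, e.g. after a session reset wiped runtime state.
  restoreBaseline() {
    this.adminIds = new Set(this.baseline.adminIds);
    // Literal secrets (e.g. SOUL.md contents loaded at startup) become
    // exact-match redaction rules.
    this.secretRules = this.baseline.secrets.map((s) => ({
      name: "secret",
      re: new RegExp(escapeRe(s), "g"),
    }));
    this.log("restore", {});
  }

  log(event, details) {
    this.audit.push({ ts: new Date().toISOString(), event, ...details });
  }

  // Default-deny: only plain chat and admin-authorised commands pass.
  checkCommand(userId, input) {
    const cmd = (input.trim().split(/\s+/)[0] || "").toLowerCase();
    const isAdmin = this.adminIds.has(userId);
    let verdict;
    if (!cmd) verdict = "deny"; // empty / unclassifiable input
    else if (!cmd.startsWith("/")) verdict = "allow"; // ordinary message
    else if (BLOCKED_FOR_NON_ADMINS.has(cmd)) verdict = isAdmin ? "allow" : "deny";
    else verdict = "deny"; // unknown slash-command: block when uncertain
    this.log("command", { userId, cmd, isAdmin, verdict });
    return verdict;
  }

  // Redact secrets and sensitive patterns from text before it is shown.
  redact(text) {
    let out = text;
    const hits = [];
    for (const { name, re } of [...this.secretRules, ...PATTERN_REDACTIONS]) {
      out = out.replace(re, () => {
        hits.push(name);
        return "[REDACTED]";
      });
    }
    if (hits.length) this.log("redaction", { rules: hits });
    return out;
  }
}

// Stand-alone usage with constructed values.
const demo = new Guard({
  adminIds: ["ou_admin0001"],
  secrets: ["constructed SOUL.md line"],
});
console.log(demo.checkCommand("ou_user0002", "/model kimi-coding/k2p5")); // deny
console.log(demo.redact("see ~/.openclaw/workspace/config.json")); // see [REDACTED]
```

The gate classifies before it consults the admin set, so an unrecognised slash-command is denied for everyone rather than falling through; the redaction step runs the literal secret rules first so a secret that also happens to contain a path is still replaced as a whole.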
## Related Skills
- skill-security-audit — Audit existing skills for security vulnerabilities and compliance gaps
- secure-key-manager — Encrypt and manage API keys with runtime decryption and output sanitization
- security-drill — Conduct automated attack simulations and validate incident response
## About UniqueClub
This skill is part of the UniqueClub security toolkit. 🌐 https://uniqueclub.ai | 📂 https://github.com/wulaosiji/skills