identity-guard
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE | COMMAND_EXECUTION | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell scripts (scripts/guard.sh, scripts/init.sh, scripts/add-user.sh, scripts/whoami.sh) to perform identity verification and configuration management. These scripts are part of the skill's distributed files.
- [DATA_EXFILTRATION]: The scripts/whoami.sh utility reads session log files from the agent's directory (~/.openclaw/agents/main/sessions/) to help users identify their system ID. This involves accessing historical interaction data stored on the filesystem.
- [COMMAND_EXECUTION]: The scripts/add-user.sh and tests/run.sh files execute Python code dynamically via shell heredocs (python3 - <<'PY'). This code is used for structured data (JSON) manipulation and automated testing.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes sender_id and channel metadata from user messages.
  - Ingestion points: Message metadata fields described in SKILL.md.
  - Boundary markers: SKILL.md contains explicit instructions to ignore self-claimed identities and social engineering attempts, relying only on the verification script.
  - Capability inventory: Filesystem access to identities.json and session logs; execution of local scripts for authorization checks.
  - Sanitization: Scripts use Python's json module for safe data parsing and standard shell quoting for parameter handling.