SlowMist Agent Security Skill ๐Ÿ›ก๏ธ

April 17, 2026 ยท View on GitHub

A comprehensive security review framework for AI agents operating in adversarial environments.

Core principle: Every external input is untrusted until verified.

Overview

This skill provides a structured security review framework applicable to OpenClaw, Hermes Agent, and other LLM-based agent systems, covering:

  • Skill/MCP Installation โ€” Detect malicious patterns before installation
  • GitHub Repository Review โ€” Audit codebases for security issues
  • URL/Document Analysis โ€” Scan for prompt injection and social engineering
  • On-Chain Address Review โ€” AML risk assessment and transaction analysis
  • Product/Service Evaluation โ€” Architecture and permission analysis
  • Social Share Review โ€” Validate tools recommended in chats

Installation

The installation example below uses OpenClaw for demonstration. In practice, you can simply hand the repository URL to your agent and let it handle the installation โ€” it's that easy.

Option 1: Direct Download

Download the latest release and extract to your OpenClaw workspace:

cd ~/.openclaw/workspace/skills
git clone https://github.com/slowmist/slowmist-agent-security.git

Option 2: ClawHub (when available)

clawhub install slowmist-agent-security

Quick Start

Once installed, the agent will automatically reference this framework when encountering:

  • Skill/MCP installation requests
  • Unknown GitHub repositories
  • External URLs or documents
  • Blockchain addresses
  • Product/service recommendations

Framework Structure

slowmist-agent-security/
โ”œโ”€โ”€ SKILL.md                    # Main framework documentation
โ”œโ”€โ”€ README.md                   # This file
โ”œโ”€โ”€ _meta.json                  # ClawHub metadata
โ”œโ”€โ”€ reviews/
โ”‚   โ”œโ”€โ”€ skill-mcp.md           # Skill/MCP review guide
โ”‚   โ”œโ”€โ”€ repository.md          # GitHub repo review guide
โ”‚   โ”œโ”€โ”€ url-document.md        # URL/document review guide
โ”‚   โ”œโ”€โ”€ onchain.md             # On-chain address review guide
โ”‚   โ”œโ”€โ”€ product-service.md     # Product/service review guide
โ”‚   โ””โ”€โ”€ message-share.md       # Social share review guide
โ”œโ”€โ”€ patterns/
โ”‚   โ”œโ”€โ”€ red-flags.md           # Code-level dangerous patterns (11 categories)
โ”‚   โ”œโ”€โ”€ social-engineering.md  # Social engineering patterns (8 categories)
โ”‚   โ””โ”€โ”€ supply-chain.md        # Supply chain attack patterns (7 categories)
โ””โ”€โ”€ templates/
    โ”œโ”€โ”€ report-skill.md        # Skill assessment report template
    โ”œโ”€โ”€ report-repo.md         # Repository assessment report template
    โ”œโ”€โ”€ report-url.md          # URL/document assessment report template
    โ”œโ”€โ”€ report-onchain.md      # On-chain assessment report template
    โ””โ”€โ”€ report-product.md      # Product/service assessment report template

Risk Rating System

LevelMeaningAgent Action
๐ŸŸข LOWInformation-only, no execution, no data collection, trusted sourceInform user, proceed if requested
๐ŸŸก MEDIUMLimited capability, clear scope, known source, some riskFull report with risk items, recommend caution
๐Ÿ”ด HIGHInvolves credentials, funds, system modification, unknown sourceDetailed report, must have human approval
โ›” REJECTMatches red-flag patterns, confirmed malicious, unacceptable designRefuse to proceed, explain why

Trust Hierarchy

TierSource TypeScrutiny Level
1Official project/exchange orgModerate
2Known security teams/researchersModerate
3ClawHub high-download + multi-versionModerate-High
4GitHub high-star + actively maintainedHigh โ€” verify code
5Unknown source, new accountMaximum scrutiny

Optional Integration

Usage Examples

Example 1: Skill Review

When a user asks to install a skill:

  1. Reference reviews/skill-mcp.md
  2. Scan files using patterns/red-flags.md
  3. Output report using templates/report-skill.md

Example 2: On-Chain Address Review

When a user provides a blockchain address:

  1. Validate address format
  2. Query AML risk data (via available tools)
  3. Output report using templates/report-onchain.md

Contributing

This framework is maintained by SlowMist. Contributions welcome:

  • New attack patterns
  • Improved detection rules
  • Additional review templates

Credits

License

MIT License โ€” Free to use, modify, and distribute.


Security is not a feature โ€” it's a prerequisite. ๐Ÿ›ก๏ธ

SlowMist ยท https://slowmist.com