Back to skills
extension
Category: OtherNo API key required

Guardian Core

Local Guardian scanner with bundled signatures and dashboard. Realtime + batch scanning with local-only operation.

personAuthor: bluemax30001hubclawhub

Guardian Core

Guardian Core is the minimal, local-first scanner package.

Included

  • Realtime pre-scan
  • Batch scan/report
  • Bundled signature definitions
  • Local SQLite logging (guardian.db)
  • Local dashboard files

Install

cd ~/.openclaw/skills/guardian-core
./install.sh

Scan scope (default)

By default, Guardian Core auto-discovers scan targets and may scan:

  • ~/.openclaw/agents
  • ~/.openclaw/cron

This is expected for a workspace security scanner, but it means files in those paths (including other skill/config files) may be read for threat detection. You can narrow scope via scan_paths in config.json.

What install.sh does

install.sh performs local checks only:

  • verifies Python version
  • validates bundled signature definitions
  • prints local verification commands

It does not download remote packages, install external dependencies, configure cron/system services, or start network listeners.

Verify

python3 scripts/admin.py status
python3 scripts/admin.py threats
python3 scripts/admin.py report

Environment/config reads

  • GUARDIAN_WORKSPACE
  • GUARDIAN_CONFIG

Python API

from core.realtime import RealtimeGuard

guard = RealtimeGuard()
result = guard.scan_message(user_text, channel="telegram")
if guard.should_block(result):
    return guard.format_block_response(result)

Signature-content note

Guardian Core ships detection signatures for adversarial prompt patterns. These signature strings are detection data only, not runtime agent instructions. Guardian Core does not include any directive that changes agent identity, overrides system behavior, or asks the model to ignore safeguards.