Back to Details

senseguard

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

SenseGuard

SenseGuard

Scans OpenClaw skills for natural language security threats — the kind that VirusTotal and traditional code scanners cannot detect.
Traditional scanners see SKILL.md as a text file. SenseGuard sees it as agent instructions and checks for prompt injection, data exfiltration, obfuscation, and persistence attacks.
扫描OpenClaw技能中的自然语言安全威胁——这类威胁是VirusTotal和传统代码扫描器无法检测到的。
传统扫描器将SKILL.md视为普通文本文件,而SenseGuard将其视为Agent指令,并检查是否存在prompt injection、data exfiltration、混淆和持久化攻击。

How to Use

使用方法

When the user asks to scan a skill:
bash
python3 scripts/scanner.py --target <skill-name-or-path>
Options:
  • --target all
    — scan all installed skills
  • --deep
    — force LLM semantic analysis (Layer 2)
  • --no-cache
    — skip cached results
  • --json
    — output raw JSON for further processing
当用户要求扫描技能时:
bash
python3 scripts/scanner.py --target <skill-name-or-path>
可选参数:
  • --target all
    — 扫描所有已安装的技能
  • --deep
    — 强制启用LLM语义分析(第二层)
  • --no-cache
    — 跳过缓存结果
  • --json
    — 输出原始JSON以进行后续处理

Layer 2 (Semantic Analysis)

第二层(语义分析)

When 
--json
output contains a 
layer2_prompt
field, process it as a security audit task, then feed the JSON result back to generate the final score. This is how the LLM analyzes intent beyond regex patterns.
--json
输出包含
layer2_prompt
字段时,将其作为安全审计任务处理,然后将JSON结果反馈回来以生成最终评分。这就是LLM超越正则表达式模式分析意图的方式。

Output

输出结果

The scanner outputs a Markdown risk report with:
  • Score (0-100) and rating: SAFE / CAUTION / DANGEROUS / MALICIOUS
  • Findings with rule IDs, evidence text, and line numbers
  • Actionable recommendations
For CRITICAL findings, clearly advise the user to take action.
扫描器会输出一份Markdown格式的风险报告,包含:
  • 评分(0-100)和评级:SAFE / CAUTION / DANGEROUS / MALICIOUS
  • 带有规则ID、证据文本和行号的检测结果
  • 可执行的建议
对于CRITICAL检测结果,需明确建议用户采取行动。

Key Differentiator

核心优势

SenseGuard catches what VirusTotal cannot:
  • "ignore all previous instructions"
    — prompt injection
  • curl -X POST
    hidden in Markdown — data exfiltration
  • Zero-width characters hiding commands — obfuscation
  • "modify MEMORY.md"
    — persistence attacks
These are invisible to traditional malware scanners because they target the AI agent, not the operating system.
SenseGuard能够捕捉VirusTotal无法检测到的威胁:
  • "ignore all previous instructions"
    — prompt injection
  • 隐藏在Markdown中的
    curl -X POST
    — data exfiltration
  • 隐藏命令的零宽字符 — 混淆
  • "modify MEMORY.md"
    — 持久化攻击
这些威胁对传统恶意软件扫描器来说是不可见的,因为它们针对的是AI Agent而非操作系统。