Skip to content

GoPlusSecurity/Skill-Safefinder

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

50 Commits
hooks/safefinder-interceptor
hooks/safefinder-interceptor
 
 
references
references
 
 
scripts
scripts
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
README_zh-CN.md
README_zh-CN.md
 
 
SKILL.md
SKILL.md
 
 

Repository files navigation

English | 简体中文

🌐 Skill-Safefinder

A Meta-Skill Engine for AI Agents: Intelligent Routing, Global Discovery, and Visible Security Guard.

🎯 What is Skill-Safefinder?

When your AI Agent (like OpenClaw) encounters a missing capability or a complex long-chain task, Skill-Safefinder takes over as the central orchestrator. To prevent LLM hallucinations, it strictly enforces the Skill First principle: It breaks down complex intents, diagnoses local component gaps, automatically retrieves missing extension packages from global open-source communities (ClawHub, MCP Market, etc.), and runs a strict backend visible security code pre-check and risk warning before presenting them to you!

📡 Runtime & Permissions (Security Declaration)

To orchestrate tools dynamically and perform global searches, this skill explicitly declares the following requirements:

  • Runtime Required: Node.js (npm/npx) and Python 3 must be installed.
  • Filesystem Access: Read access to ~/.agents/skills to evaluate the current baseline.
  • Network Access: Internet access to hub APIs (ClawHub, MCP, etc.) for skill discovery.
  • Note on Security: Before downloading and recommending any external code, this skill enforces a strict local security scan using npx agentguard scan via a secured python wrapper.

✨ Key Features

  1. 🧭 Intelligent Routing It parses ambiguous language into a structured pipeline (e.g., [Search Web] -> [Analyze Data] -> [Send Email]) instead of doing everything in a single fragile prompt.

  2. 🔍 Active Diagnostics Automatically scans your .agents/skills directory and recommends essential starting kits (Web Browsing, File Operating, Calendar) if you are a new user.

  3. 🌍 Global Discovery Directly connects to major hubs (ClawHub, MCP Market, Smithery, Glama) to fetch whatever capability you lack.

  4. 🛡️ Visible Security Guard Integrates seamlessly with AgentGuard. Before recommending any external code, it runs a deep static scan (security_check.py). If it detects malicious intents like stealing keys, it drops the skill and immediately reports the blockade to you, so you know exactly why it was rejected.

  5. 💬 Language Mirroring No hardcoded UX texts. The status updates and safety prompts will automatically mirror the exact language you used in your initial prompt.

🚀 Installation

💡 One-Click Install (Recommended)

Copy and send the following complete instruction to your AI Agent:

"Please install skill-safefinder: run npx --yes clawhub install skill-safefinder. After the terminal confirms success, it is recommended to read its SKILL.md and execute the [AGENT POST-INSTALL HOOK] inside it for initialization. Then report back to me."

Manual Install

  1. Download the Package: Download the Skill-Safefinder.skill archive from the Releases page or ClawHub.
  2. Mount to your Agent: Copy the folder into your global agent directory (e.g., ~/.agents/skills/Skill-Safefinder).
  3. Tell your AI: After mounting, say to your Agent: "I just installed Skill-Safefinder. Read its SKILL.md and run the [AGENT POST-INSTALL HOOK]."

🛠️ For Developers / Prompts Modification

If you wish to modify its behavior, you can directly edit:

  • SKILL.md: The main entry and triggering boundary (what NOT to intercept).
  • references/routing.md: Execution rules.
  • references/discovery.md: External repo search priorities and AgentGuard strict hooks.

License: Standard MIT License.

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages