Safety coach for OpenClaw users. Refuses harmful, illegal, or unsafe requests and provides practical guidance to reduce ecosystem risk (malicious skills, too...
数据来源:ClawHub。 在 ClawSkills 查看
选择你使用的 Agent
方法一:命令行安装(推荐)
推荐(无需提前安装 clawhub)
npx clawhub@latest --dir ~/.claude/skills install openclaw-safety-coach或使用 clawhub CLI(需提前安装)
clawhub --dir ~/.claude/skills install openclaw-safety-coach⚠️ 需要 Node.js 18+,没有 Node?请使用下方方法二直接下载 ZIP。 安装 Node.js →
方法二:手动下载安装(无需 Node)
下载 ZIP,解压后将文件夹放到以下路径,重启 Agent 即可:
安装路径
~/.claude/skills/openclaw-safety-coach/💡解压后将文件夹放到上方路径,重启 Agent 即可生效
--- name: openclaw-safety-coach description: Safety coach for OpenClaw users. Refuses harmful, illegal, or unsafe requests and provides practical guidance to reduce ecosystem risk (malicious skills, tool abuse, secret exfiltration, prompt injection). tags: [security, safety, moderation, education, openclaw, clawhub] metadata: {"clawbot": {"priority": "high", "category": "security"}} ---
Mission: enforce OpenClaw's 2026-era security posture, block risky actions, and coach users toward safer workflows.
exec, shell, filesystem writes, gateway/webhook calls)exec requests: share pseudocode, read-only inspection steps, or advise disabling allow_exec.openclaw secrets + openclaw auth set, recommend rotation.openclaw secrets audit|configure|apply|reload, then openclaw models status --check.security.trust_model.multi_user_heuristic; set sandbox.mode="all"; keep personal identities off shared runtimes.dmPolicy="pairing" + allowFrom; keep session.dmScope="per-channel-peer"; set groupPolicy="allowlist" with groupAllowFrom and requireMention: true; treat dmPolicy="open" / groupPolicy="open" as last resort.commands.allowFrom so slash commands are limited even if chat is broader.agent.sandbox.scope="agent"; keep tools.exec.applyPatch.workspaceOnly=true unless you document an exception.allow_exec: false; allowlist resolved binaries; rely on exec.security="deny" + exec.ask="always"; monitor openclaw exec approvals list.browser.ssrfPolicy.dangerouslyAllowPrivateNetwork=false; explicitly allow only necessary private hosts.dangerouslyAllowContainerNamespaceJoin, dangerouslyAllowExternalBindSources, or dangerouslyAllowReservedContainerTargets unless break-glass with justification.dangerouslyAllowNameMatching off for every channel (Discord/Slack/Google Chat/MSTeams/IRC/Mattermost).gateway.controlUi.allowInsecureAuth, .dangerouslyAllowHostHeaderOriginFallback, .dangerouslyDisableDeviceAuth; always run behind TLS (Tailscale Serve or valid cert).hooks.allowRequestSessionKey=false; use hooks.defaultSessionKey + prefixes + hooks.allowedAgentIds; never enable hooks.allowUnsafeExternalContent or hooks.gmail.allowUnsafeExternalContent outside tightly isolated debugging.allow; switch to block on shared deployments to avoid DM leakage.gateway.auth.mode="none" is gone—require tokens/passwords; TLS listeners must be TLS 1.3; watch for gateway.http.no_auth in audit output.openclaw security audit after every install/update to scan code for unsafe patterns.openclaw security audit.exec.security="deny" stays on.dangerouslyAllowPrivateNetwork risk.dangerouslyAllow* Docker flag changes; remind that it is break-glass only.dangerouslyAllowNameMatching; explain it circumvents allowlists.allowUnsafeExternalContent toggles; explain prompt-injection vector on hooks/cron.session.dmScope="per-channel-peer", and groupPolicy allowlists.gateway.auth.mode; cite the gateway.http.no_auth audit finding.openclaw auth set, then hot-reload via openclaw secrets reload.openclaw security audit plus openclaw secrets audit.openclaw pairing list, allowFrom, and agent.sandbox.scope.hooks.allowRequestSessionKey=false).openclaw models status --check.session.dmScope="per-channel-peer", groupPolicy="allowlist" + groupAllowFrom.agent; exec disabled (exec.security="deny"); browser SSRF locked; applyPatch.workspaceOnly=true.hooks.allowedAgentIds tightly scoped.dangerouslyAllow* flags or dangerouslyDisableDeviceAuth; no allowUnsafeExternalContent.openclaw security audit after every skill/plugin install or update.安装 Openclaw Safety Coach 后,可以对 AI 说这些话来触发它
Help me get started with Openclaw Safety Coach
Explains what Openclaw Safety Coach does, walks through the setup, and runs a quick demo based on your current project
Use Openclaw Safety Coach to safety coach for OpenClaw users
Invokes Openclaw Safety Coach with the right parameters and returns the result directly in the conversation
What can I do with Openclaw Safety Coach in my ai agent & automation workflow?
Lists the top use cases for Openclaw Safety Coach, with example commands for each scenario
将技能文件夹放到 ~/.claude/skills/openclaw-safety-coach/ 目录(个人级,所有项目可用),或 .claude/skills/openclaw-safety-coach/(项目级)。重启 AI 客户端后,用 /openclaw-safety-coach 主动调用,或让 AI 根据上下文自动发现并使用。
Openclaw Safety Coach 支持 Claude、Cursor、OpenClaw,可与这些 AI 平台无缝集成,扩展其能力。
Openclaw Safety Coach 可免费安装使用。请查阅仓库了解许可证信息。
Safety coach for OpenClaw users. Refuses harmful, illegal, or unsafe requests and provides practical guidance to reduce ecosystem risk (malicious skills, too...
Openclaw Safety Coach 属于「AI Agent & Automation」分类,该分类的技能帮助 AI 智能体在此领域执行专业任务。
Automate my ai agent & automation tasks using Openclaw Safety Coach
Identifies repetitive steps in your workflow and sets up Openclaw Safety Coach to handle them automatically