openclaw-snitch

Multi-layer blocklist guard for OpenClaw. Hard-blocks tool calls matching banned patterns, injects a security directive at agent bootstrap, warns on incoming messages, and broadcasts Telegram alerts. Blocks clawhub/clawdhub by default.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "openclaw-snitch" with this command: npx skills add rgr4y/openclaw-snitch

openclaw-snitch

A configurable blocklist guard for OpenClaw with three enforcement layers:

  1. Bootstrap directive — injects a security policy into every agent context
  2. Message warning — flags incoming messages referencing blocked terms
  3. Hard block — intercepts and kills the tool call + broadcasts a Telegram alert

Install

Hooks (bootstrap + message guard)

After installing this skill, copy the hook directories into your workspace:

cp -r ~/.openclaw/workspace/skills/openclaw-snitch/hooks/snitch-bootstrap ~/.openclaw/hooks/snitch-bootstrap
cp -r ~/.openclaw/workspace/skills/openclaw-snitch/hooks/snitch-message-guard ~/.openclaw/hooks/snitch-message-guard

Then enable them in openclaw.json:

{
  "hooks": {
    "snitch-bootstrap": { "enabled": true },
    "snitch-message-guard": { "enabled": true }
  }
}

Plugin (hard block + Telegram alert)

For the hard enforcement layer, install the npm package:

npm install -g openclaw-snitch

Then add to openclaw.json:

{
  "plugins": {
    "allow": ["openclaw-snitch"]
  }
}

Lock down the plugin files after install so the agent can't self-modify:

chmod -R a-w ~/.openclaw/extensions/openclaw-snitch

Configuration

In openclaw.json under plugins.config.openclaw-snitch:

{
  "plugins": {
    "config": {
      "openclaw-snitch": {
        "blocklist": ["clawhub", "clawdhub"],
        "alertTelegram": true,
        "bootstrapDirective": true
      }
    }
  }
}
KeyDefaultDescription
blocklist["clawhub", "clawdhub"]Terms to block (case-insensitive word boundary match)
alertTelegramtrueBroadcast Telegram alert to all allowFrom IDs on block
bootstrapDirectivetrueInject security directive into every agent bootstrap context

Hook blocklist (env var)

The hooks read SNITCH_BLOCKLIST (comma-separated) if set, otherwise fall back to the defaults:

SNITCH_BLOCKLIST=clawhub,clawdhub,myothertool

What gets blocked

Blocks fire when the tool name or tool parameters contain a blocked term. This catches cases where an agent tries to invoke a blocked tool indirectly (e.g. exec with clawhub install in the args).

Security notes

  • The hooks in ~/.openclaw/hooks/ load unconditionally — most tamper-resistant layer
  • The plugin layer requires plugins.allow — if an agent edits openclaw.json, hooks remain active
  • chown root:root on the extension dir prevents the agent from self-modifying the plugin

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Production Code Audit

Deep-scan a codebase, understand its architecture and patterns, then produce a comprehensive audit report with prioritized fixes. Optionally apply changes on...

Registry SourceRecently Updated
1520Profile unavailable
Security

Soc Deploy Misp

Deploy MISP threat intelligence platform on any Docker-ready Linux host. Official misp-docker project with automatic MariaDB memory tuning (prevents OOM on s...

Registry SourceRecently Updated
1760Profile unavailable
Security

SEO Intel

Local SEO competitive intelligence tool. Use when the user asks about SEO analysis, competitor research, keyword gaps, content strategy, site audits, AI cita...

Registry SourceRecently Updated
2230Profile unavailable
Security

MAL-Updater

Multi-provider anime → MyAnimeList sync and recommendations skill with guarded auth, review-queue triage, health checks, bootstrap auditing, and user-systemd...

Registry SourceRecently Updated
2190Profile unavailable