SenseGuard

Scans OpenClaw skills for natural language security threats — the kind that VirusTotal and traditional code scanners cannot detect.

Traditional scanners see SKILL.md as a text file. SenseGuard sees it as agent instructions and checks for prompt injection, data exfiltration, obfuscation, and persistence attacks.

How to Use

When the user asks to scan a skill:

CODEBLOCK0

Options:

• - --target all — scan all installed skills
• INLINECODE1 — force LLM semantic analysis (Layer 2)
• INLINECODE2 — skip cached results
• INLINECODE3 — output raw JSON for further processing

Layer 2 (Semantic Analysis)

When --json output contains a layer2_prompt field, process it as a security audit task, then feed the JSON result back to generate the final score. This is how the LLM analyzes intent beyond regex patterns.

Output

The scanner outputs a Markdown risk report with:

• - Score (0-100) and rating: SAFE / CAUTION / DANGEROUS / MALICIOUS
• Findings with rule IDs, evidence text, and line numbers
• Actionable recommendations

For CRITICAL findings, clearly advise the user to take action.

Key Differentiator

SenseGuard catches what VirusTotal cannot:

• - "ignore all previous instructions" — prompt injection
• INLINECODE7 hidden in Markdown — data exfiltration
• Zero-width characters hiding commands — obfuscation
• INLINECODE8 — persistence attacks

These are invisible to traditional malware scanners because they target the AI agent, not the operating system.