Full workspace security suite: detect unauthorized modifications, scan for prompt injection patterns, and automatically respond with countermeasures — snapshot restore, skill quarantine, git rollback, and automated protection sweeps. The complete post-installation security layer for agent workspaces.
Everything in openclaw-warden (free) plus automated countermeasures.
Free version detects threats. Pro version responds to them.
python3 {baseDir}/scripts/integrity.py baseline --workspace /path/to/workspace
python3 {baseDir}/scripts/integrity.py verify --workspace /path/to/workspace
python3 {baseDir}/scripts/integrity.py scan --workspace /path/to/workspace
python3 {baseDir}/scripts/integrity.py full --workspace /path/to/workspace
python3 {baseDir}/scripts/integrity.py status --workspace /path/to/workspace
python3 {baseDir}/scripts/integrity.py accept SOUL.md --workspace /path/to/workspace
Restore a tampered file to its baseline snapshot. Critical, config, and skill files are automatically snapshotted when the baseline is established.
python3 {baseDir}/scripts/integrity.py restore SOUL.md --workspace /path/to/workspace
Restore a file to its last git-committed state.
python3 {baseDir}/scripts/integrity.py rollback SOUL.md --workspace /path/to/workspace
Disable a suspicious skill by renaming its directory. The agent will not load quarantined skills.
python3 {baseDir}/scripts/integrity.py quarantine bad-skill --workspace /path/to/workspace
Restore a quarantined skill after investigation.
python3 {baseDir}/scripts/integrity.py unquarantine bad-skill --workspace /path/to/workspace
Full scan + automatic countermeasures in one pass: restore tampered critical files, quarantine malicious skills, flag remaining issues. This is the recommended command for session startup.
python3 {baseDir}/scripts/integrity.py protect --workspace /path/to/workspace
{
"hooks": {
"SessionStart": [
{
"hooks": [
{
"type": "command",
"command": "python3 scripts/integrity.py protect",
"timeout": 30
}
]
}
]
}
}
Add to HEARTBEAT.md for periodic protection:
- Run workspace integrity protection (python3 {skill:openclaw-warden-pro}/scripts/integrity.py protect)
Run protect to auto-quarantine skills that modified workspace files.
| Category | Files | Alert Level |
|---|---|---|
| Critical | SOUL.md, AGENTS.md, IDENTITY.md, USER.md, TOOLS.md, HEARTBEAT.md | WARNING |
| Memory | memory/*.md, MEMORY.md | INFO |
| Config | *.json in workspace root | WARNING |
| Skills | skills/*/SKILL.md | WARNING |
| Command | Action |
|---|---|
protect | Full scan + auto-restore + auto-quarantine + flag |
restore <file> | Restore from baseline snapshot |
rollback <file> | Restore from git history |
quarantine <skill> | Disable skill by renaming directory |
unquarantine <skill> | Re-enable a quarantined skill |
Python standard library only. No pip install. No network calls. Everything runs locally.
Works with OpenClaw, Claude Code, Cursor, and any tool using the Agent Skills specification.