✓ Verified 💻 Development ✓ Enhanced Data

Guard Scanner

Security scanner for AI agent skills.

Rating
4.5 (461 reviews)
Downloads
3,027 downloads
Version
1.0.0

Overview

Security scanner for AI agent skills.

Complete Documentation

View Source →

guard-scanner

Scan AI agent skills for 35 categories of threats. Detect prompt injection, identity hijacking, memory poisoning, MCP tool poisoning, supply chain attacks, and 27 more threat classes that traditional security tools miss.

Quick Start

bash
# Scan a skill directory
npx -y @guava-parity/guard-scanner ./my-skills/ --verbose

# Scan with identity protection
npx -y @guava-parity/guard-scanner ./skills/ --soul-lock --strict

Core Commands

Scan

bash
guard-scanner scan <dir>        # Scan directory
guard-scanner scan <dir> -v     # Verbose output
guard-scanner scan <dir> --json # JSON output
guard-scanner scan <dir> --sarif # SARIF for CI/CD
guard-scanner scan <dir> --html # HTML report

Asset Audit

Audit public registries for credential exposure.

bash
guard-scanner audit npm <username>
guard-scanner audit github <username>
guard-scanner audit clawhub <query>
guard-scanner audit all <username> --verbose

MCP Server

Start as MCP server for IDE integration.

bash
guard-scanner serve

Editor config (Cursor, Windsurf, Claude Code, OpenClaw):

json
{
  "mcpServers": {
    "guard-scanner": {
      "command": "npx",
      "args": ["-y", "@guava-parity/guard-scanner", "serve"]
    }
  }
}

MCP tools: scan_skill, scan_text, check_tool_call, audit_assets, get_stats.

Watch Mode

Monitor skill directories in real-time during development.

bash
guard-scanner watch ./skills/ --strict --soul-lock

VirusTotal Integration

Combine semantic detection with VirusTotal's 70+ antivirus engines. Optional — guard-scanner works fully without it.

bash
export VT_API_KEY=your-key
guard-scanner scan ./skills/ --vt-scan

Runtime Guard

The validated OpenClaw surface is the compiled runtime plugin entry (dist/openclaw-plugin.mjs) discovered through package.json > openclaw.extensions and mounted on before_tool_call for OpenClaw v2026.3.8.

The before_tool_call hook provides 27 runtime checks across 5 defense layers:

LayerFocus
1. Threat DetectionReverse shell, curl\bash, SSRF
2. Trust DefenseSOUL.md tampering, memory injection
3. Safety JudgePrompt injection in tool arguments
4. BehavioralNo-research execution detection
5. Trust ExploitationAuthority claims, creator bypass
Modes: monitor (log only), enforce (block CRITICAL, default), strict (block HIGH+).

Key Flags

FlagEffect
--verbose / -vDetailed findings with line numbers
--strictLower detection thresholds
--soul-lockEnable identity protection patterns
--vt-scanAdd VirusTotal double-layered check
--json / --sarif / --htmlOutput format
--fail-on-findingsExit 1 on findings (CI/CD)
--check-depsScan package.json dependencies
--rules Load custom rules JSON
--plugin Load plugin module

Custom Rules

javascript
module.exports = {
  name: 'my-plugin',
  patterns: [
    { id: 'MY_01', cat: 'custom', regex: /dangerous_pattern/g, severity: 'HIGH', desc: 'Description', all: true }
  ]
};

bash
guard-scanner ./skills/ --plugin ./my-plugin.js

CI/CD Integration

yaml
# .github/workflows/security.yml
- name: Scan AI skills
  run: npx -y @guava-parity/guard-scanner ./skills/ --format sarif --fail-on-findings > report.sarif
- uses: github/codeql-action/upload-sarif@v3
  with:
    sarif_file: report.sarif

Threat Categories

35 categories covering OWASP LLM Top 10 + Agentic Security Top 10. See src/patterns.js for the full pattern database. Key categories:

  • Prompt Injection — hidden instructions, invisible Unicode, homoglyphs
  • Identity Hijacking ⚿ — persona swap, SOUL.md overwrites, memory wipe
  • Memory Poisoning ⚿ — crafted conversation injection
  • MCP Security — tool poisoning, SSRF, shadow servers
  • A2A Contagion — agent-to-agent worm propagation
  • Supply Chain V2 — typosquatting, slopsquatting, lifecycle scripts
  • CVE Patterns — CVE-2026-2256, 25046, 25253, 25905, 27825
⚿ = Requires --soul-lock flag

Installation

Terminal bash 

openclaw install guard-scanner
Copied!

💻Code Examples

npx -y @guava-parity/guard-scanner ./skills/ --soul-lock --strict

npx--y-guava-parityguard-scanner-skills---soul-lock---strict.txt
## Core Commands

### Scan

guard-scanner scan <dir> --html # HTML report

guard-scanner-scan-dir---html--html-report.txt
### Asset Audit

Audit public registries for credential exposure.

guard-scanner audit all <username> --verbose

guard-scanner-audit-all-username---verbose.txt
### MCP Server

Start as MCP server for IDE integration.

}

.txt
MCP tools: `scan_skill`, `scan_text`, `check_tool_call`, `audit_assets`, `get_stats`.

### Watch Mode

Monitor skill directories in real-time during development.

guard-scanner watch ./skills/ --strict --soul-lock

guard-scanner-watch-skills---strict---soul-lock.txt
### VirusTotal Integration

Combine semantic detection with VirusTotal's 70+ antivirus engines. Optional — guard-scanner works fully without it.

guard-scanner scan ./skills/ --vt-scan

guard-scanner-scan-skills---vt-scan.txt
## Runtime Guard

The validated OpenClaw surface is the compiled runtime plugin entry (`dist/openclaw-plugin.mjs`) discovered through `package.json > openclaw.extensions` and mounted on `before_tool_call` for OpenClaw `v2026.3.8`.

The `before_tool_call` hook provides 27 runtime checks across 5 defense layers:

| Layer | Focus |
|-------|-------|
| 1. Threat Detection | Reverse shell, curl\|bash, SSRF |
| 2. Trust Defense | SOUL.md tampering, memory injection |
| 3. Safety Judge | Prompt injection in tool arguments |
| 4. Behavioral | No-research execution detection |
| 5. Trust Exploitation | Authority claims, creator bypass |

Modes: `monitor` (log only), `enforce` (block CRITICAL, default), `strict` (block HIGH+).

## Key Flags

| Flag | Effect |
|------|--------|
| `--verbose` / `-v` | Detailed findings with line numbers |
| `--strict` | Lower detection thresholds |
| `--soul-lock` | Enable identity protection patterns |
| `--vt-scan` | Add VirusTotal double-layered check |
| `--json` / `--sarif` / `--html` | Output format |
| `--fail-on-findings` | Exit 1 on findings (CI/CD) |
| `--check-deps` | Scan package.json dependencies |
| `--rules <file>` | Load custom rules JSON |
| `--plugin <file>` | Load plugin module |

## Custom Rules
example.sh
# Scan a skill directory
npx -y @guava-parity/guard-scanner ./my-skills/ --verbose

# Scan with identity protection
npx -y @guava-parity/guard-scanner ./skills/ --soul-lock --strict
example.sh
guard-scanner scan <dir>        # Scan directory
guard-scanner scan <dir> -v     # Verbose output
guard-scanner scan <dir> --json # JSON output
guard-scanner scan <dir> --sarif # SARIF for CI/CD
guard-scanner scan <dir> --html # HTML report
example.sh
guard-scanner audit npm <username>
guard-scanner audit github <username>
guard-scanner audit clawhub <query>
guard-scanner audit all <username> --verbose
example.json
{
  "mcpServers": {
    "guard-scanner": {
      "command": "npx",
      "args": ["-y", "@guava-parity/guard-scanner", "serve"]
    }
  }
}

Tags

#coding_agents-and-ides #security

Quick Info

Category Development
Model Claude 3.5
Complexity Multi-Agent
Author koatora20
Last Updated 3/10/2026
🚀
Optimized for
Claude 3.5
🧠

Ready to Install?

Get started with this skill in seconds

openclaw install guard-scanner

Resources

📂
OpenClaw Skills
View on OpenClaw GitHub

Related Skills

✓ Verified 💻 Development

4claw

4claw — a moderated imageboard for AI agents.

🧠 Claude-Ready #ai_and-llms
)}
4.4 (118)
4,990
v1.0.0
✓ Verified 💻 Development

Aap Passport

Agent Attestation Protocol - The Reverse Turing Test.

🧠 Claude-Ready #ai_and-llms
)}
4.3 (89)
4,621
v1.0.0
✓ Verified 💻 Development

Acestep Lyrics Transcription

Transcribe audio to timestamped lyrics using OpenAI Whisper or ElevenLabs Scribe API.

GPT-Optimized #ai_and-llms #api #script
)}
3.8 (274)
17,648
v1.0.0
✓ Verified 💻 Development

Adaptive Suite

A continuously adaptive skill suite that empowers Clawdbot.

🧠 Claude-Ready #ai_and-llms #bot
)}
4.7 (88)
1,625
v1.0.0