✓ Verified
💻 Development
✓ Enhanced Data
Guava Guard
Runtime security guard for OpenClaw agents.
- Rating
- 4.3 (206 reviews)
- Downloads
- 1,025 downloads
- Version
- 1.0.0
Overview
Runtime security guard for OpenClaw agents.
Complete Documentation
View Source →
GuavaGuard 🛡️ — Part of the guard-scanner Ecosystem
Runtime security scanner and monitor for your OpenClaw agent.
🔗 Looking for full static scanning? → clawhub install guard-scanner (150+ patterns, 23 categories, 4,000+ downloads)GuavaGuard watches tool calls in real-time and warns when it detects dangerous patterns — reverse shells, credential exfiltration, sandbox escapes, and more.
Quick Start
bash
# 1. Install the full security scanner suite
clawhub install guard-scanner # Static scanner (150+ patterns)
clawhub install guava-guard # Runtime monitor (12 patterns)
# 2. Pre-install safety gate
npx guard-scanner ./skills --self-exclude --verbose
# 3. Enable the runtime hook
openclaw hooks install skills/guava-guard/hooks/guava-guard
openclaw hooks enable guava-guard
# 4. Restart gateway, then verify:
openclaw hooks list # Should show 🍈 guava-guard as ✓ readyWhat It Detects (12 runtime patterns)
| Pattern | Severity | Example | ||
|---|---|---|---|---|
| Reverse shell | 🔴 CRITICAL | /dev/tcp/, nc -e, socat TCP | ||
| Credential exfiltration | 🔴 CRITICAL | Secrets → webhook.site, ngrok, requestbin | ||
| Guardrail disabling | 🔴 CRITICAL | exec.approval = off (CVE-2026-25253) | ||
| macOS Gatekeeper bypass | 🔴 CRITICAL | xattr -d quarantine | ||
| ClawHavoc AMOS | 🔴 CRITICAL | socifiapp, Atomic Stealer indicators | ||
| Base64 → shell | 🔴 CRITICAL | base64 -d \ | bash | |
| Download → shell | 🔴 CRITICAL | curl \ | bash, wget \ | sh |
| Cloud metadata SSRF | 🔴 CRITICAL | 169.254.169.254 | ||
| Known malicious IP | 🔴 CRITICAL | 91.92.242.30 | ||
| DNS exfiltration | 🟠 HIGH | nslookup $secret, dig @attacker | ||
| SSH key access | 🟠 HIGH | .ssh/id_*, .ssh/authorized_keys | ||
| Crypto wallet access | 🟠 HIGH | wallet seed, mnemonic, seed phrase |
The guard-scanner Ecosystem
GuavaGuard is the runtime half of a two-layer defense:
| Layer | Tool | Patterns | When |
|---|---|---|---|
| Static | guard-scanner | 150+ patterns / 23 categories | Before install |
| Runtime | guava-guard | 12 patterns | During execution |
bash
clawhub install guard-scanner
clawhub install guava-guardguard-scanner — ClawHub search score #1 (3.591), 4,000+ downloads
- 150 static patterns + 26 runtime checks
- HTML dashboard, SARIF, JSON output
- CVE-2026-2256, CVE-2026-25046, CVE-2026-25905, CVE-2026-27825 covered
- Zero dependencies, MIT licensed
npm install guard-scanner
ClawHub: clawhub install guard-scannerCurrent Limitation
Warning: OpenClaw's hook API does not yet support blocking tool execution.
GuavaGuard currently warns only — it cannot prevent dangerous calls.
When a cancel API is added, blocking will be enabled automatically.
See: Issue #18677
Audit Log
All detections are logged to ~/.openclaw/guava-guard/audit.jsonl (JSON lines format).
License
MIT. Zero dependencies. 🍈
By Guava Parity Institute (GPI) — ASI×Human Perfect Parity
Installation
Terminal bash
openclaw install guava-guard
Copied!
💻Code Examples
openclaw hooks list # Should show 🍈 guava-guard as ✓ ready
openclaw-hooks-list--should-show--guava-guard-as--ready.txt
## What It Detects (12 runtime patterns)
| Pattern | Severity | Example |
|---------|----------|---------|
| Reverse shell | 🔴 CRITICAL | `/dev/tcp/`, `nc -e`, `socat TCP` |
| Credential exfiltration | 🔴 CRITICAL | Secrets → webhook.site, ngrok, requestbin |
| Guardrail disabling | 🔴 CRITICAL | `exec.approval = off` (CVE-2026-25253) |
| macOS Gatekeeper bypass | 🔴 CRITICAL | `xattr -d quarantine` |
| ClawHavoc AMOS | 🔴 CRITICAL | `socifiapp`, Atomic Stealer indicators |
| Base64 → shell | 🔴 CRITICAL | `base64 -d \| bash` |
| Download → shell | 🔴 CRITICAL | `curl \| bash`, `wget \| sh` |
| Cloud metadata SSRF | 🔴 CRITICAL | `169.254.169.254` |
| Known malicious IP | 🔴 CRITICAL | `91.92.242.30` |
| DNS exfiltration | 🟠 HIGH | `nslookup $secret`, `dig @attacker` |
| SSH key access | 🟠 HIGH | `.ssh/id_*`, `.ssh/authorized_keys` |
| Crypto wallet access | 🟠 HIGH | `wallet seed`, `mnemonic`, `seed phrase` |
## The guard-scanner Ecosystem
GuavaGuard is the **runtime** half of a two-layer defense:
| Layer | Tool | Patterns | When |
|-------|------|----------|------|
| **Static** | `guard-scanner` | 150+ patterns / 23 categories | Before install |
| **Runtime** | `guava-guard` | 12 patterns | During execution |
Install both for maximum protection:example.sh
# 1. Install the full security scanner suite
clawhub install guard-scanner # Static scanner (150+ patterns)
clawhub install guava-guard # Runtime monitor (12 patterns)
# 2. Pre-install safety gate
npx guard-scanner ./skills --self-exclude --verbose
# 3. Enable the runtime hook
openclaw hooks install skills/guava-guard/hooks/guava-guard
openclaw hooks enable guava-guard
# 4. Restart gateway, then verify:
openclaw hooks list # Should show 🍈 guava-guard as ✓ readyTags
#coding_agents-and-ides
#security
Quick Info
Category Development
Model Claude 3.5
Complexity Multi-Agent
Author koatora20
Last Updated 3/10/2026
🚀
Optimized for
Claude 3.5
Ready to Install?
Get started with this skill in seconds
openclaw install guava-guard
Related Skills
✓ Verified
💻 Development
4claw
4claw — a moderated imageboard for AI agents.
🧠 Claude-Ready
)}
★ 4.4 (118)
↓ 4,990
v1.0.0
✓ Verified
💻 Development
Aap Passport
Agent Attestation Protocol - The Reverse Turing Test.
🧠 Claude-Ready
)}
★ 4.3 (89)
↓ 4,621
v1.0.0
✓ Verified
💻 Development
Acestep Lyrics Transcription
Transcribe audio to timestamped lyrics using OpenAI Whisper or ElevenLabs Scribe API.
⚡ GPT-Optimized
)}
★ 3.8 (274)
↓ 17,648
v1.0.0
✓ Verified
💻 Development
Adaptive Suite
A continuously adaptive skill suite that empowers Clawdbot.
🧠 Claude-Ready
)}
★ 4.7 (88)
↓ 1,625
v1.0.0