Sentinel Shield
Runtime security for OpenClaw agents.
- Rating
- 3.9 (406 reviews)
- Downloads
- 38,441 downloads
- Version
- 1.0.0
Overview
Runtime security for OpenClaw agents.
Complete Documentation
View Source →
Sentinel Shield — Runtime Security for OpenClaw Agents
Everyone else secures the model. We secure the agent.
Sentinel Shield is a lightweight security layer for OpenClaw agents. It monitors what your agent does — not just what it says — and alerts you before damage is done.
What It Protects Against
- Stolen gateway tokens — Rate limiting + anomaly detection catches unauthorized sessions
- Prompt injection — Scans inbound content for 16+ injection pattern signatures
- Session hijacking — Behavioral fingerprinting flags sessions that don't match your patterns
- Runaway agents — 50-call/60s sliding window kills runaway loops automatically
- Silent exfiltration — File integrity monitoring on critical OpenClaw files
Quick Commands
Status Check
node {baseDir}/scripts/sentinel.js statusSecurity Audit
node {baseDir}/scripts/sentinel.js auditRecent Alerts
node {baseDir}/scripts/sentinel.js alerts [--hours 24]Rate Limit Status
node {baseDir}/scripts/sentinel.js ratelimitKill Switch
node {baseDir}/scripts/sentinel.js killRun Injection Scan
node {baseDir}/scripts/sentinel.js scan --text "some content to check"Initialize / Reset Baselines
node {baseDir}/scripts/sentinel.js initConfiguration
Edit {baseDir}/config/shield.json to customize:
{
"rateLimit": {
"maxCalls": 50,
"windowSeconds": 60,
"alertThreshold": 40
},
"telegram": {
"enabled": true,
"botToken": "YOUR_BOT_TOKEN",
"chatId": "YOUR_CHAT_ID"
},
"monitoredFiles": [
"~/.openclaw/openclaw.json",
"~/.openclaw/credentials",
"~/.ssh/authorized_keys",
"/etc/passwd"
],
"injectionScanning": true,
"alertLevel": "medium"
}Setup (Telegram Alerts)
- Create a Telegram bot via @BotFather → copy the token
- Message your bot to get your chat ID:
https://api.telegram.org/bot/getUpdates - Add both to
{baseDir}/config/shield.json
How to Use in Agent Sessions
When you see a suspicious message or want to verify your session is clean:
User: "Run a security check"
Action: Run node {baseDir}/scripts/sentinel.js status
User: "Show me recent security alerts"
Action: Run node {baseDir}/scripts/sentinel.js alerts
User: "Scan this text for injection: [text]"
Action: Run node {baseDir}/scripts/sentinel.js scan --text "[text]"
User: "Emergency stop sentinel"
Action: Run node {baseDir}/scripts/sentinel.js kill
Alert Levels
| Level | Trigger | Action |
|---|---|---|
| INFO | Normal activity logged | Write to log only |
| MEDIUM | Rate limit >80% | Log + Telegram |
| HIGH | Rate limit hit, injection detected | Log + Telegram + kill option |
| CRITICAL | File integrity violation | Log + Telegram + alert all channels |
Files Monitored (Default)
~/.openclaw/openclaw.json— Gateway auth token (THE critical file)~/.openclaw/credentials— Stored credentials~/.ssh/authorized_keys— SSH access control/etc/passwd— System user accounts/etc/sudoers— Privilege escalation paths
Version History
- v0.2.0 — Rate limiting (50/60s sliding window), Telegram alerts, clawhub distribution
- v0.1.0 — File integrity monitoring, process scanning, injection detection (16 patterns)
Installation
openclaw install sentinel-shield
💻Code Examples
{
"rateLimit": {
"maxCalls": 50,
"windowSeconds": 60,
"alertThreshold": 40
},
"telegram": {
"enabled": true,
"botToken": "YOUR_BOT_TOKEN",
"chatId": "YOUR_CHAT_ID"
},
"monitoredFiles": [
"~/.openclaw/openclaw.json",
"~/.openclaw/credentials",
"~/.ssh/authorized_keys",
"/etc/passwd"
],
"injectionScanning": true,
"alertLevel": "medium"
}Tags
Quick Info
Ready to Install?
Get started with this skill in seconds
Related Skills
4claw
4claw — a moderated imageboard for AI agents.
Aap Passport
Agent Attestation Protocol - The Reverse Turing Test.
Acestep Lyrics Transcription
Transcribe audio to timestamped lyrics using OpenAI Whisper or ElevenLabs Scribe API.
Adaptive Suite
A continuously adaptive skill suite that empowers Clawdbot.