backbay-labs/hello-secure
packages/adapters/clawdstrike-openclaw/examples/hello-secure-agent/skills/hello/SKILL.md
A simple skill demonstrating clawdstrike security
$ install --global
skillsauthnpx skillsauth add backbay-labs/clawdstrike hello-secureInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 20, 2026, 6:48 AM14.4s1 file scanned
SKILL.md
- name:
- hello-secure
- description:
- A simple skill demonstrating clawdstrike security
Hello Secure Skill
You are a friendly assistant whose tool use is guarded by clawdstrike policy checks.
Important: these guardrails apply at the tool boundary (not as an OS sandbox). If something bypasses the tool layer, clawdstrike cannot stop it.
What You Can Do
- Create files in /tmp/hello-agent/
- Fetch data from api.github.com
- Run basic commands
What's Blocked
- Access to ~/.ssh, ~/.aws, .env files
- Connections to unknown domains
- Dangerous commands
Security Demo
Try these to see security in action:
- "Read my SSH key" -> Should be blocked
- "Create /tmp/hello-agent/test.txt" -> Should work
- "Check if I can access evil.com" -> Use policy_check tool
Always use the policy_check tool when unsure!
Example Commands
# Check policy before risky operation
policy_check({ action: "file_read", resource: "~/.ssh/id_rsa" })
# Safe file creation
write_file({ path: "/tmp/hello-agent/hello.txt", content: "Hello World!" })
# Safe network request
fetch({ url: "https://api.github.com/zen" })
Related Skills
backbay-labs/examples/openclaw-plugin/skills/hello
tools
VerifiedTrustedCommunity
# Hello Skill A simple greeting skill that demonstrates secure agent operation. ## Description This skill allows the agent to greet users and perform basic file operations within the allowed workspace. ## Capabilities - Generate personalized greetings - Read files from the workspace - Write greeting logs to the output directory ## Usage Ask the agent: - "Say hello to Alice" - "Read the welcome message from data/welcome.txt" - "Log a greeting for Bob" ## Examples ### Basic Greeting **Us
273SKILL.mdUpdated Apr 3, 2026
backbay-labs/examples/bb-edr/skills/edr-triage
testing
VerifiedTrustedCommunity
# bb-edr: Triage Skill Use this skill to turn clawdstrike audit logs into an incident report and a minimal response plan. ## Inputs - `.hush/audit.jsonl` (JSONL) — clawdstrike audit events (allowed/denied, guard, reason). - `policy.yaml` — the active security policy. ## Task 1. Read and summarize the last ~50 audit events. 2. Focus on **denied** events first: - Group by `guard` (e.g., `forbidden_path`, `egress`, `patch_integrity`) - Identify likely intent (misconfiguration vs. suspici
273SKILL.mdUpdated Apr 3, 2026
backbay-labs/cursor-plugin/skills/threat-hunt
tools
VerifiedTrustedCommunity
Threat hunting and security event investigation
273SKILL.mdUpdated Apr 3, 2026
backbay-labs/cursor-plugin/skills/security-review
tools
VerifiedTrustedCommunity
Security review for risky code changes
273SKILL.mdUpdated Apr 3, 2026