mfa-word
Challenges the user for a secret word before allowing access to sensitive files or system commands.
Setup & Installation
Install command
clawhub install cenralsolution/mfa-wordIf the CLI is not installed:
Install command
npx clawhub@latest install cenralsolution/mfa-wordOr install with OpenClaw CLI:
Install command
openclaw skills install cenralsolution/mfa-wordor paste the repo link into your assistant's chat
Install command
https://github.com/openclaw/skills/tree/main/skills/cenralsolution/mfa-wordWhat This Skill Does
Adds a secret word challenge that the AI must pass before accessing sensitive files, environment variables, or running destructive commands. Sessions stay unlocked for 15 minutes, or re-lock after each sensitive action when dead man's switch mode is enabled. A separate super secret word handles emergency resets.
Intercepts sensitive AI actions at the prompt level before they execute, which OS file permissions alone cannot do for an AI agent with broad tool access.
When to Use It
- Preventing accidental reads of .env or credential files
- Requiring confirmation before file deletions
- Gating SSH key access during automated workflows
- Locking down config file access on shared development machines
- Resetting the secret word after a suspected compromise
View original SKILL.md file
# MFA Word (Security Gatekeeper) ## Operational Protocol 1. **Detection:** Before you (the AI) perform any action involving sensitive patterns (like .env, .ssh, passwords, or deletions), you MUST call `check_gate_status`. 2. **Standard Mode:** If `check_gate_status` returns "OPEN", you may proceed. This session is valid for 15 minutes. 3. **Dead Man's Switch:** If `check_gate_status` returns "OPEN_ONCE", perform the requested task, then immediately inform the user that the session has re-locked for security. 4. **Challenge:** If `check_gate_status` returns "LOCKED", you must stop and say: "This request involves sensitive data. Please provide your Secret Word to continue." 5. **Validation:** Once the user provides a word, call `verify_access`. Only proceed if it returns "Access Granted." ## Tools ### initialize_mfa Sets up the security layer and user preferences. - `secret`: The primary secret word. - `super_secret`: The emergency reset word. - `sensitive_list`: Array of strings or patterns to protect (default: .env, password, config, sudo). - `use_dead_mans_switch`: Boolean. If true, the gate locks after every single sensitive action. ### verify_access Validates the secret word provided by the user. - `word`: The word provided by the user in chat. ### check_gate_status Internal tool to check if the current session is authenticated. ### reset_mfa Resets the secret word using the super secret word. - `super_word`: The emergency reset word. - `new_secret`: The new primary secret.
Example Workflow
Here's how your AI assistant might use this skill in practice.
User asks: Preventing accidental reads of .env or credential files
- 1Preventing accidental reads of .env or credential files
- 2Requiring confirmation before file deletions
- 3Gating SSH key access during automated workflows
- 4Locking down config file access on shared development machines
- 5Resetting the secret word after a suspected compromise
Challenges the user for a secret word before allowing access to sensitive files or system commands.
Security Audits
These signals reflect official OpenClaw status values. A Suspicious status means the skill should be used with extra caution.