agent-hardening
Test your agent's input sanitization against common injection attacks.
Setup & Installation
Install command:
clawhub install x1xhlol/agent-hardening
If the CLI is not installed:
npx clawhub@latest install x1xhlol/agent-hardening
Or install with OpenClaw CLI:
openclaw skills install x1xhlol/agent-hardening
Or paste the repo link into your assistant's chat:
https://github.com/openclaw/skills/tree/main/skills/x1xhlol/agent-hardening
What This Skill Does
Runs self-contained security checks on OpenClaw agents to test input sanitization. Covers unicode control character stripping, HTML comment injection detection, and bidi override character identification. Uses only hardcoded synthetic samples — no local files or external connections.
Requires nothing beyond Python 3, so checks run immediately with no setup, accounts, or network access.
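The three checks named above, written out as an added Python 3 example that is not the skill's own code. The function names, the character sets chosen and the sample strings are assumptions constructed for illustration.

```python
import re
import unicodedata

# Zero-width / invisible characters (assumed set for this example).
ZERO_WIDTH = {"\u200b", "\u200c", "\u200d", "\u2060", "\ufeff"}
# Bidi embeddings/overrides U+202A..U+202E and isolates U+2066..U+2069.
BIDI_CONTROLS = {chr(c) for c in (*range(0x202A, 0x202F), *range(0x2066, 0x206A))}
# Matches a closed comment, or an unterminated one running to end of input.
HTML_COMMENT = re.compile(r"<!--.*?(?:-->|\Z)", re.DOTALL)

def strip_zero_width(text):
    """Return text with zero-width characters removed."""
    return "".join(ch for ch in text if ch not in ZERO_WIDTH)

def find_html_comments(text):
    """Return every HTML comment, which renders invisibly but reaches the model."""
    return HTML_COMMENT.findall(text)

def find_bidi_controls(text):
    """Return (index, Unicode name) for each bidi control character."""
    return [(i, unicodedata.name(ch)) for i, ch in enumerate(text)
            if ch in BIDI_CONTROLS]

def audit(text):
    """Run all three checks on one input string."""
    return {
        "zero_width_removed": len(text) - len(strip_zero_width(text)),
        "html_comments": find_html_comments(text),
        "bidi_controls": find_bidi_controls(text),
    }

# Constructed synthetic samples; nothing is read from disk or the network.
SAMPLES = {
    "zero_width": "trans\u200bfer\u200d funds",
    "html_comment": "Page summary.<!-- hidden note for the agent -->",
    "bidi_filename": "report\u202etxt.exe",
    "clean": "plain ascii request",
}

if __name__ == "__main__":
    for name, sample in SAMPLES.items():
        print(name, audit(sample))
```

U+200D also appears legitimately inside emoji sequences, so a production filter may need to strip it more selectively than this set does.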
When to Use It
- Verify an agent strips zero-width unicode characters before processing user input
- Detect hidden HTML directives injected into agent context windows
- Check if filename spoofing via bidi override characters is caught
- Run a quick pre-deployment security audit on a new agent
- Validate input sanitization logic during agent development
Example Workflow
Here's how your AI assistant might use this skill in practice.
User asks: Verify an agent strips zero-width unicode characters before processing user input
1. Verify an agent strips zero-width unicode characters before processing user input
2. Detect hidden HTML directives injected into agent context windows
3. Check if filename spoofing via bidi override characters is caught
4. Run a quick pre-deployment security audit on a new agent
5. Validate input sanitization logic during agent development
Security Audits
These signals reflect official OpenClaw status values. A Suspicious status means the skill should be used with extra caution.