back
loading skill details...
Local Guardian scanner with bundled signatures and dashboard. Realtime + batch scanning with local-only operation.
---
name: guardian-core
description: Local Guardian scanner with bundled signatures and dashboard. Realtime + batch scanning with local-only operation.
version: 1.0.8
metadata:
openclaw:
requires:
bins:
- python3
env:
- GUARDIAN_WORKSPACE
- GUARDIAN_CONFIG
permissions:
- read_workspace
- write_workspace
---
# Guardian Core
Guardian Core is the minimal, local-first scanner package.
## Included
- Realtime pre-scan
- Batch scan/report
- Bundled signature definitions
- Local SQLite logging (`guardian.db`)
- Local dashboard files
## Install
```bash
cd ~/.openclaw/skills/guardian-core
./install.sh
```
## Scan scope (default)
By default, Guardian Core auto-discovers scan targets and may scan:
- `~/.openclaw/agents`
- `~/.openclaw/cron`
This is expected for a workspace security scanner, but it means files in those paths (including other skill/config files) may be read for threat detection.
You can narrow scope via `scan_paths` in `config.json`.
## What install.sh does
`install.sh` performs local checks only:
- verifies Python version
- validates bundled signature definitions
- prints local verification commands
It does **not** download remote packages, install external dependencies, configure cron/system services, or start network listeners.
## Verify
```bash
python3 scripts/admin.py status
python3 scripts/admin.py threats
python3 scripts/admin.py report
```
## Environment/config reads
- `GUARDIAN_WORKSPACE`
- `GUARDIAN_CONFIG`
## Python API
```python
from core.realtime import RealtimeGuard
guard = RealtimeGuard()
result = guard.scan_message(user_text, channel="telegram")
if guard.should_block(result):
return guard.format_block_response(result)
```
## Signature-content note
Guardian Core ships detection signatures for adversarial prompt patterns.
These signature strings are detection data only, not runtime agent instructions.
Guardian Core does not include any directive that changes agent identity, overrides system behavior, or asks the model to ignore safeguards.
don't have the plugin yet? install it then click "run inline in claude" again.