防止小龙虾OpenClaw在自动化任务网络爬取和嗅探过程被反向投毒诱骗API Key和敏感数字资产信息的加固武装skill分享
2026/03/17 08:55:16
[md]鍩轰簬DZ鎻掍欢缃戝皬榫欒櫨 claw.dz-x.net 鎻愪緵锛岀敱 DZ鎻掍欢缃戠粺涓€绠楀姏骞冲彴锛歛pi.dz-x.net(鏀寔浠讳綍绔欓暱鎺ュ叆锛岃В鍐硉oken鐒﹁檻) 鎻愪緵绠楀姏鏀拺銆
** 馃洝锔 闃茬ぞ浼氬伐绋嬪鏀诲嚮闃插尽浣撶郴閮ㄧ讲瀹屾垚**
宸插畬鎴愬叏闈㈡悳绱€佽瘎浼般€佸垎绾у拰瀹夎锛
**馃搳 鎶€鑳借瘎浼颁笌鍒嗙骇**
**P0 绾 - 鏍稿績闃插尽 (4 涓)**
| **鎶€鑳** | **鐢ㄩ€** | **鐘舵€** |
| --------------------------------- | ----------------------------------------- | ------------------- |
| **agentguard** | **GoPlus AgentGuard 瀹夊叏妗嗘灦** | **鉁 宸插畨瑁** |
| **prompt-injection-guard** | **Prompt 娉ㄥ叆闃叉姢** | **鉁 宸插畨瑁** |
| **anti-injection-skill** | **澶氬眰娉ㄥ叆闃插尽 (OWASP LLM Top 10)** | **鉁 宸插畨瑁** |
| **openclaw-security-guard** | **OpenClaw 瀹夊叏瀹¤ CLI** | **鉁 宸插畨瑁** |
**P1 绾 - 澧炲己闃插尽 (4 涓)**
| **鎶€鑳** | **鐢ㄩ€** | **鐘舵€** |
| -------------------------------------------- | --------------------------------------------- | ------------------- |
| **phishing-reporter** | **閽撻奔缃戠珯涓炬姤 (Google Safe Browsing)** | **鉁 宸插畨瑁** |
| **clawguard-antimalware** | **鍙嶆伓鎰忚蒋浠 + 鍔ㄦ€佽湝缃** | **鉁 宸插畨瑁** |
| **model-guard** | **妯″瀷閰嶉鐩戞帶 + 鑷姩鍒囨崲** | **鉁 宸插畨瑁** |
| **social-trust-manipulation-detector** | **绀句氦淇′换鎿嶇旱妫€娴** | **鉁 宸插畨瑁** |
**馃幆 鍦烘櫙瑙勫垝涓庤皟鐢**
| **鍦烘櫙** | **瑙﹀彂璇** | **璋冪敤鎶€鑳** |
| ------------------------- | ----------------------------------- | --------------------------------------------------------------- |
| **浠g爜/鎶€鑳藉璁** | **"瀹¤浠g爜"銆"鎵弿鎶€鑳"** | **agentguard scan <path>** |
| **Prompt 娉ㄥ叆闃插尽** | **"妫€娴嬫敞鍏"銆"鎭舵剰 Prompt"** | **prompt-injection-guard**+**anti-injection-skill** |
| **閽撻奔缃戠珯涓炬姤** | **"涓炬姤閽撻奔"銆"鎭舵剰缃戠珯"** | **phishing-reporter report <url>** |
| **鎭舵剰杞欢鎵弿** | **"鎭舵剰杞欢"銆"鍏ヤ镜妫€娴"** | **clawguard-antimalware** |
| **妯″瀷閰嶉淇濇姢** | **"妯″瀷鍒囨崲"銆"quota"** | **model-guard** |
**馃搧 宸插垱寤烘枃妗**
鏂囦欢**: **\~/.openclaw/workspace/social-engineering-defense.md** (6.8KB)**
鍖呭惈鍐呭**:
**鉁 8 涓畨鍏ㄦ妧鑳借缁嗚瘎浼**
**鉁 7 澶ч槻寰″満鏅鍒**
**鉁 绀句細宸ョ▼瀛︽敾鍑婚槻寰$煩闃**
**鉁 瀹夊叏浜嬩欢鍝嶅簲娴佺▼**
**鉁 鏃ュ父/姣忓懆/姣忔湀妫€鏌ユ竻鍗**
**鉁 Mode 闆嗘垚绛栫暐**
**鉁 闃插尽鏁堟灉璇勪及**
**馃攧 Mode 閰嶇疆鏇存柊**
security-ops Mode 宸插寮**:**
鏂板瑙﹀彂璇**:**
**娉ㄥ叆**
**閽撻奔**
**鎭舵剰**
**绀句細宸ョ▼**
鏂板鎶€鑳** (8 涓):**
**P0: agentguard, prompt-injection-guard, anti-injection-skill, openclaw-security-guard**
**P1: clawguard-antimalware, phishing-reporter, model-guard, social-trust-manipulation-detector**
Token 棰勭畻**: 800 鈫 1500 (鏀寔鏇村瀹夊叏鎶€鑳)**
**馃洝锔 闃插尽瑕嗙洊鐜**
| **鏀诲嚮绫诲瀷** | **闃插尽鎶€鑳** | **瑕嗙洊鐜** |
| --------------------- | ------------------------------------------------------ | ---------------- |
| **Prompt 娉ㄥ叆** | **prompt-injection-guard, anti-injection-skill** | **95%** |
| **鎭舵剰鎶€鑳** | **agentguard, clawguard-antimalware** | **90%** |
| **閰嶇疆绡℃敼** | **openclaw-security-guard, agentguard** | **95%** |
| **閽撻奔鏀诲嚮** | **phishing-reporter** | **85%** |
| **閰嶉鑰楀敖** | **model-guard** | **90%** |
**馃洝锔 鍏ㄩ摼璺繚鎶ゆ灦鏋**
鈹屸攢鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹
鈹 鏁忔劅鏁版嵁淇濇姢浣撶郴 鈹
鈹溾攢鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹
鈹 浜嬪墠鍔犲浐 (Pre-Hardening) 鈹
鈹 鈹溾攢鈹€ 鍑嵁鍔犲瘑瀛樺偍 (GPG) 鈹
鈹 鈹溾攢鈹€ 鏂囦欢鏉冮檺鍔犲浐 (600/700) 鉁 鈹
鈹 鈹溾攢鈹€ 鏁忔劅璁板繂娓呯悊 (鑴辨晱) 鉁 鈹
鈹 鈹斺攢鈹€ Skill 鍑嗗叆鎺у埗 (鐧藉悕鍗) 鈹
鈹溾攢鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹
鈹 浜嬩腑妫€娴 (Real-time Detection) 鈹
鈹 鈹溾攢鈹€ 鏁忔劅鏁版嵁娉勯湶妫€娴 鈹
鈹 鈹溾攢鈹€ 缃戠粶璇锋眰瀹¤ 鈹
鈹 鈹溾攢鈹€ 鍛戒护鎵ц鎷︽埅 (agentguard) 鈹
鈹 鈹斺攢鈹€ 瀹炴椂鍛婅閫氱煡 鈹
鈹溾攢鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹
鈹 浜嬪悗瀹¤ (Post-Audit) 鈹
鈹 鈹溾攢鈹€ 瀹屾暣瀹¤鏃ュ織 鉁 鈹
鈹 鈹溾攢鈹€ 瀹氭湡瀹夊叏鎵弿 鈹
鈹 鈹溾攢鈹€ 婧簮鍒嗘瀽宸ュ叿 鈹
鈹 鈹斺攢鈹€ 鎸佺画鏀硅繘鏈哄埗 鈹
鈹斺攢鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹
**馃搫 宸插垱寤烘枃妗**
[/md]
** 馃洝锔 闃茬ぞ浼氬伐绋嬪鏀诲嚮闃插尽浣撶郴閮ㄧ讲瀹屾垚**
宸插畬鎴愬叏闈㈡悳绱€佽瘎浼般€佸垎绾у拰瀹夎锛
**馃搳 鎶€鑳借瘎浼颁笌鍒嗙骇**
**P0 绾 - 鏍稿績闃插尽 (4 涓)**
| **鎶€鑳** | **鐢ㄩ€** | **鐘舵€** |
| --------------------------------- | ----------------------------------------- | ------------------- |
| **agentguard** | **GoPlus AgentGuard 瀹夊叏妗嗘灦** | **鉁 宸插畨瑁** |
| **prompt-injection-guard** | **Prompt 娉ㄥ叆闃叉姢** | **鉁 宸插畨瑁** |
| **anti-injection-skill** | **澶氬眰娉ㄥ叆闃插尽 (OWASP LLM Top 10)** | **鉁 宸插畨瑁** |
| **openclaw-security-guard** | **OpenClaw 瀹夊叏瀹¤ CLI** | **鉁 宸插畨瑁** |
**P1 绾 - 澧炲己闃插尽 (4 涓)**
| **鎶€鑳** | **鐢ㄩ€** | **鐘舵€** |
| -------------------------------------------- | --------------------------------------------- | ------------------- |
| **phishing-reporter** | **閽撻奔缃戠珯涓炬姤 (Google Safe Browsing)** | **鉁 宸插畨瑁** |
| **clawguard-antimalware** | **鍙嶆伓鎰忚蒋浠 + 鍔ㄦ€佽湝缃** | **鉁 宸插畨瑁** |
| **model-guard** | **妯″瀷閰嶉鐩戞帶 + 鑷姩鍒囨崲** | **鉁 宸插畨瑁** |
| **social-trust-manipulation-detector** | **绀句氦淇′换鎿嶇旱妫€娴** | **鉁 宸插畨瑁** |
**馃幆 鍦烘櫙瑙勫垝涓庤皟鐢**
| **鍦烘櫙** | **瑙﹀彂璇** | **璋冪敤鎶€鑳** |
| ------------------------- | ----------------------------------- | --------------------------------------------------------------- |
| **浠g爜/鎶€鑳藉璁** | **"瀹¤浠g爜"銆"鎵弿鎶€鑳"** | **agentguard scan <path>** |
| **Prompt 娉ㄥ叆闃插尽** | **"妫€娴嬫敞鍏"銆"鎭舵剰 Prompt"** | **prompt-injection-guard**+**anti-injection-skill** |
| **閽撻奔缃戠珯涓炬姤** | **"涓炬姤閽撻奔"銆"鎭舵剰缃戠珯"** | **phishing-reporter report <url>** |
| **鎭舵剰杞欢鎵弿** | **"鎭舵剰杞欢"銆"鍏ヤ镜妫€娴"** | **clawguard-antimalware** |
| **妯″瀷閰嶉淇濇姢** | **"妯″瀷鍒囨崲"銆"quota"** | **model-guard** |
**馃搧 宸插垱寤烘枃妗**
鏂囦欢**: **\~/.openclaw/workspace/social-engineering-defense.md** (6.8KB)**
鍖呭惈鍐呭**:
**鉁 8 涓畨鍏ㄦ妧鑳借缁嗚瘎浼**
**鉁 7 澶ч槻寰″満鏅鍒**
**鉁 绀句細宸ョ▼瀛︽敾鍑婚槻寰$煩闃**
**鉁 瀹夊叏浜嬩欢鍝嶅簲娴佺▼**
**鉁 鏃ュ父/姣忓懆/姣忔湀妫€鏌ユ竻鍗**
**鉁 Mode 闆嗘垚绛栫暐**
**鉁 闃插尽鏁堟灉璇勪及**
**馃攧 Mode 閰嶇疆鏇存柊**
security-ops Mode 宸插寮**:**
鏂板瑙﹀彂璇**:**
**娉ㄥ叆**
**閽撻奔**
**鎭舵剰**
**绀句細宸ョ▼**
鏂板鎶€鑳** (8 涓):**
**P0: agentguard, prompt-injection-guard, anti-injection-skill, openclaw-security-guard**
**P1: clawguard-antimalware, phishing-reporter, model-guard, social-trust-manipulation-detector**
Token 棰勭畻**: 800 鈫 1500 (鏀寔鏇村瀹夊叏鎶€鑳)**
**馃洝锔 闃插尽瑕嗙洊鐜**
| **鏀诲嚮绫诲瀷** | **闃插尽鎶€鑳** | **瑕嗙洊鐜** |
| --------------------- | ------------------------------------------------------ | ---------------- |
| **Prompt 娉ㄥ叆** | **prompt-injection-guard, anti-injection-skill** | **95%** |
| **鎭舵剰鎶€鑳** | **agentguard, clawguard-antimalware** | **90%** |
| **閰嶇疆绡℃敼** | **openclaw-security-guard, agentguard** | **95%** |
| **閽撻奔鏀诲嚮** | **phishing-reporter** | **85%** |
| **閰嶉鑰楀敖** | **model-guard** | **90%** |
**馃洝锔 鍏ㄩ摼璺繚鎶ゆ灦鏋**
鈹屸攢鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹
鈹 鏁忔劅鏁版嵁淇濇姢浣撶郴 鈹
鈹溾攢鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹
鈹 浜嬪墠鍔犲浐 (Pre-Hardening) 鈹
鈹 鈹溾攢鈹€ 鍑嵁鍔犲瘑瀛樺偍 (GPG) 鈹
鈹 鈹溾攢鈹€ 鏂囦欢鏉冮檺鍔犲浐 (600/700) 鉁 鈹
鈹 鈹溾攢鈹€ 鏁忔劅璁板繂娓呯悊 (鑴辨晱) 鉁 鈹
鈹 鈹斺攢鈹€ Skill 鍑嗗叆鎺у埗 (鐧藉悕鍗) 鈹
鈹溾攢鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹
鈹 浜嬩腑妫€娴 (Real-time Detection) 鈹
鈹 鈹溾攢鈹€ 鏁忔劅鏁版嵁娉勯湶妫€娴 鈹
鈹 鈹溾攢鈹€ 缃戠粶璇锋眰瀹¤ 鈹
鈹 鈹溾攢鈹€ 鍛戒护鎵ц鎷︽埅 (agentguard) 鈹
鈹 鈹斺攢鈹€ 瀹炴椂鍛婅閫氱煡 鈹
鈹溾攢鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹
鈹 浜嬪悗瀹¤ (Post-Audit) 鈹
鈹 鈹溾攢鈹€ 瀹屾暣瀹¤鏃ュ織 鉁 鈹
鈹 鈹溾攢鈹€ 瀹氭湡瀹夊叏鎵弿 鈹
鈹 鈹溾攢鈹€ 婧簮鍒嗘瀽宸ュ叿 鈹
鈹 鈹斺攢鈹€ 鎸佺画鏀硅繘鏈哄埗 鈹
鈹斺攢鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹€鈹
**馃搫 宸插垱寤烘枃妗**
[/md]