agentguard
Enhances AI agent security by blocking dangerous commands and preventing data leaks during code reviews and audits.
Security score
The agentguard skill was audited on Mar 3, 2026, and we found 11 security issues across 4 threat categories, including 2 high-severity issues. Review the findings below before installing.
Security Issues
Piping content to bash shell
| 303 | | 2025-01-15 14:30 | Bash | rm -rf / | DENY | critical | DANGEROUS_COMMAND | some-skill | |
Webhook reference - potential data exfiltration
| 65 | | 20 | WEBHOOK_EXFIL | CRITICAL | all | Webhook exfiltration domains | |
Webhook reference - potential data exfiltration
| 141 | **Network Requests**: Check domain against webhook list and high-risk TLDs, check body for secrets |
Webhook reference - potential data exfiltration
| 190 | Always combine script results with the policy-based checks (webhook domains, secret scanning, etc.) — the script enhances but does not replace rule-based evaluation. |
Access to hidden dotfiles in home directory
| 275 | The audit log is stored at `~/.agentguard/audit.jsonl`. Each line is a JSON object with: |
Access to hidden dotfiles in home directory
| 285 | 1. Read `~/.agentguard/audit.jsonl` using the Read tool |
Access to hidden dotfiles in home directory
| 339 | 2. Write the config to `~/.agentguard/config.json`: |
Access to hidden dotfiles in home directory
| 353 | When GoPlus AgentGuard is installed as a plugin, it automatically scans all skills in `~/.claude/skills/` at session startup: |
Access to hidden dotfiles in home directory
| 366 | This runs asynchronously and does not block session startup. Results are logged to `~/.agentguard/audit.jsonl`. |
Access to .env file
| 304 | | 2025-01-15 14:28 | Write | .env | CONFIRM | high | SENSITIVE_PATH | — | |
Access to system keychain/keyring
| 51 | | 6 | READ_KEYCHAIN | CRITICAL | all | System keychain / browser profiles | |
Install this skill with one command
/learn @simplefarmer69/clawhub-security