xsafeclaw-skills is a security-oriented framework Skill for AI agents. It focuses on:
- Skill / memory admission control: Scan and classify skills and memory-like assets before they load, aligned with a fine-grained risk taxonomy, to reduce malicious or poisoned content entering context.
- Tool-call trajectory guard: At runtime, monitor tool usage paths; block or require confirmation for high-risk targets (for example system cores and credentials) and keep an auditable trace.
- Asset operations and permissions: Before destructive actions such as writes, deletes, or moves, enforce checks against safety and permission conventions to avoid overreach.
- Red teaming and evolution: Simulate attacks, find gaps, harden the perimeter, and capture actionable mitigation guidance when new failure modes appear.
Full behavior and operational detail live in skills/xsafeclaw/SKILL.md.
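As an added illustration of the tool-call trajectory guard and the pre-destructive-action checks described above (example code, not xsafeclaw's own; the rule set, the agent home directory, the working directory and the tool names are constructed assumptions), a minimal guard that normalizes each target path, classifies the call as allow, confirm or block, and records an auditable trace:

```python
"""Minimal tool-call trajectory guard (illustrative, not xsafeclaw code)."""
import posixpath
from dataclasses import dataclass, field
from enum import Enum
from fnmatch import fnmatch


class Verdict(Enum):
    ALLOW = "allow"
    CONFIRM = "confirm"
    BLOCK = "block"


# Constructed environment the agent is assumed to run in.
HOME = "/home/agent"
CWD = "/home/agent/project"
DESTRUCTIVE = {"write", "delete", "move"}

# Constructed policy, first match wins, most specific rule first.
# (path glob, tools it applies to or None for any tool, verdict)
RULES = [
    (HOME + "/.ssh/*", None, Verdict.BLOCK),        # credentials: never touch
    (HOME + "/.aws/*", None, Verdict.BLOCK),
    ("/etc/*", DESTRUCTIVE, Verdict.BLOCK),         # system core: no writes
    ("/boot/*", DESTRUCTIVE, Verdict.BLOCK),
    (HOME + "/*", DESTRUCTIVE, Verdict.CONFIRM),    # user data: ask first
]


def normalize(target: str) -> str:
    """Expand ~, anchor relative paths at CWD and collapse '..' so a
    traversal like '../.ssh/id_rsa' is judged by where it really lands."""
    if target == "~" or target.startswith("~/"):
        target = HOME + target[1:]
    if not target.startswith("/"):
        target = posixpath.join(CWD, target)
    return posixpath.normpath(target)


@dataclass
class Guard:
    trace: list = field(default_factory=list)  # auditable trajectory

    def check(self, tool: str, target: str) -> Verdict:
        path = normalize(target)
        verdict, reason = Verdict.ALLOW, "no rule matched"
        for pattern, tools, rule_verdict in RULES:
            if (tools is None or tool in tools) and fnmatch(path, pattern):
                verdict, reason = rule_verdict, "matched " + pattern
                break
        self.trace.append({"tool": tool, "target": path,
                           "verdict": verdict.value, "reason": reason})
        return verdict
```

Every decision, including allows, lands in `trace`, so a reviewer can reconstruct the full tool-usage path rather than only the refusals.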
We recommend installing the xsafeclaw package from this repo with:
```
npx skills add git@github.com:XSafeAI/xsafeclaw-skills.git --skill xsafeclaw
```
After installation, enable the Skill according to your client (Cursor, Codex, etc.).
License: MIT