JSPM

@skillgate/openclaw-skillgate

0.1.3
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 24
  • Score
    100M100P100Q66724F
  • License MIT

Supply-chain governance plugin for OpenClaw - scan, assess, and quarantine risky skills

Package Exports

  • @skillgate/openclaw-skillgate
  • @skillgate/openclaw-skillgate/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@skillgate/openclaw-skillgate) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

SkillGate

Supply-chain governance plugin for OpenClaw — scan, assess, and quarantine risky skills.

npm version CI

Quick Start (60 seconds)

# Install
npm install @skillgate/openclaw-skillgate

# Scan all skills for HIGH+ risks
/gov scan

Sample output:

📋 SkillGate Scan Results
──────────────────────────────────────────────────
Skills: 3 scanned, 0 skipped (allowlisted)

🔴 untrusted-plugin [managed]
   Risk: CRITICAL (score: 180)
   Findings: 4 total (2 CRITICAL, 1 HIGH)
   Evidence: ev-a1b2c3d4

🟡 dev-helper [workspace]
   Risk: MEDIUM (score: 25)
   Findings: 2 total (0 CRITICAL, 0 HIGH)
   Evidence: ev-e5f6g7h8
# Quarantine a risky skill (creates backup + disables)
/gov quarantine untrusted-plugin

# Check why a skill was flagged
/gov explain untrusted-plugin

# Restore if you trust it
/gov restore untrusted-plugin

Features

  • Three-layer scanning: workspace, managed, and extraDirs skills
  • Risk scoring: Composite model with combo detection (not single red flags)
  • CRITICAL detection: curl|bash, wget|sh, base64|sh, rm -rf patterns
  • Soft quarantine: Backup + atomic disable (reversible)
  • Evidence redaction: Sensitive snippets hashed, not stored
  • Fail-closed auth: Write operations require confirmation

Commands

Command Description
/gov scan Scan skills for risks (default: HIGH+)
/gov scan --all Show all findings including LOW/INFO
/gov scan --json Output as JSON
/gov quarantine <skill> Quarantine a skill
/gov restore <skill> Restore a quarantined skill
/gov allow <skill> Allowlist a skill
/gov explain <skill> Explain why flagged
/gov status Show governance status

Risk Levels & Actions

Level Auto Action Description
CRITICAL Quarantine Shell injection, supply-chain attacks
HIGH Disable Dangerous patterns, external downloads
MEDIUM Warn Risky but not immediately dangerous
LOW/INFO Log Informational only

Documentation

Configuration

SkillGate reads/writes to ~/.openclaw/openclaw.json:

{
  "skills": {
    "entries": {
      "my-skill": {
        "enabled": true,
        // SkillGate adds when quarantined:
        "_quarantine": {
          "timestamp": "2026-02-21T00:00:00Z",
          "reason": "CRITICAL: curl|bash detected",
          "evidenceId": "ev-abc123"
        }
      }
    }
  }
}

Evidence

Evidence packages are stored in ~/.openclaw/evidence/ with redacted snippets:

{
  "skillKey": "risky-skill",
  "scanTimestamp": "2026-02-21T00:00:00Z",
  "findings": [
    {
      "rule": "shell-injection",
      "severity": "CRITICAL",
      "file": "install.sh",
      "line": 42,
      "snippet_redacted": true,
      "snippet_hash": "sha256:abc123...",
      "redaction_applied": true
    }
  ]
}

License

MIT © SkillGate Contributors