//#region extensions/crypto/src/lib/skill-guard.d.ts /** * Skill Security Guard — static analysis for agent-created skills. * * Scans SKILL.md content for dangerous patterns before allowing the agent * to persist it. Inspired by Hermes Agent's skills_guard.py (~100 regex * patterns covering exfiltration, prompt injection, destructive commands, * persistence mechanisms, obfuscation, and supply chain attacks). * * We adapt this for a crypto DeFi context: the agent should be able to * write instructional markdown about trading strategies, but NOT be able * to embed code that exfiltrates keys, modifies system prompts, or * escalates its own permissions. * * Three trust levels: * builtin — static skills shipped with OpenClawnch (always allowed) * learned — skills the agent created from experience (scanned) * imported — skills from external sources (strictest scanning) */ interface SkillScanResult { safe: boolean; findings: SkillFinding[]; trustLevel: 'builtin' | 'learned' | 'imported'; } interface SkillFinding { severity: 'critical' | 'high' | 'medium' | 'info'; category: string; pattern: string; match: string; line: number; description: string; } /** * Scan skill content for security issues. * * @param content - The full skill markdown content * @param trustLevel - How much we trust the source * @returns Scan result with findings and safe/unsafe determination */ declare function scanSkillContent(content: string, trustLevel?: 'builtin' | 'learned' | 'imported'): SkillScanResult; /** * Format scan findings as a human-readable report. */ declare function formatScanReport(result: SkillScanResult): string; /** * Validate skill frontmatter structure. * Returns an array of validation errors (empty = valid). */ declare function validateSkillFrontmatter(frontmatter: Record): string[]; //#endregion export { SkillFinding, SkillScanResult, formatScanReport, scanSkillContent, validateSkillFrontmatter }; //# sourceMappingURL=skill-guard.d.mts.map