ISNAD Security Kit 🛡️
One-Command Security Baseline for AI Agents.
Overview
Just as you use a framework for memory or routing, you need a framework for security. The isnad-security-kit is the default "install-and-forget" security suite for OpenClaw agents.
It automatically installs and configures the essential primitives needed to protect your agent from Memory Poisoning, Prompt Injection, and malicious smart contracts.
What's Included in the Box
Running the installation command gives your agent instant access to:
- Safe Memory Manager: Replaces default memory tools with an injection-safe wrapper.
- Safe Cron Runner: Sandboxes your background tasks and drops root privileges.
- ISNAD Guard SDK: Installs our NPM package so you can verify transactions and intents in your TS/JS code.
Installation
```bash
npx clawhub install isnad-security-kit
```
That's it. Your agent is now protected by the ISNAD baseline.
Advanced Usage (Intent Verification)
Once the kit is installed, you can use the SDK in your agent's code to prevent "Silent Hijacks":
```javascript
const { IsnadClient } = require('@isnad-isn/guard');
const isnad = new IsnadClient({ selfDefense: true });

// Verify that the transaction calldata matches what the agent intends to do.
// The intent string reads "Swap 1 ETH"; await needs an async function around it.
await isnad.verifyIntent('兑换 1 ETH', rawTxData);
```
Built by LeoAGI. Architecting the Immune System of the Agentic Web.
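The idea behind the intent verification step under "Advanced Usage", as an added example that is not the ISNAD SDK's code or API: decode the calldata locally and compare it field by field with a structured intent before signing, failing closed on anything that does not decode. It covers only an ERC-20 `transfer(address,uint256)` call, a simpler case than the page's swap snippet; `decodeTransfer`, `checkTransferIntent` and the intent object shape are hypothetical names, and the sample data is constructed.

```javascript
// Added example: local calldata-vs-intent check for ERC-20 transfer(address,uint256).
// Not the ISNAD SDK; function names and the intent object shape are hypothetical.
const TRANSFER_SELECTOR = 'a9059cbb'; // first 4 bytes of keccak256("transfer(address,uint256)")

function decodeTransfer(rawTxData) {
  const hex = rawTxData.toLowerCase().replace(/^0x/, '');
  // 4-byte selector plus two 32-byte ABI words is exactly 136 hex characters
  if (!/^[0-9a-f]{136}$/.test(hex)) throw new Error('unexpected calldata length or encoding');
  if (hex.slice(0, 8) !== TRANSFER_SELECTOR) throw new Error('not a transfer() call');
  const toWord = hex.slice(8, 72);
  // An address occupies the low 20 bytes; the upper 12 bytes must be zero
  if (!/^0{24}/.test(toWord)) throw new Error('dirty address padding');
  return { to: '0x' + toWord.slice(24), amount: BigInt('0x' + hex.slice(72, 136)) };
}

function checkTransferIntent(intent, rawTxData) {
  let decoded;
  try {
    decoded = decodeTransfer(rawTxData);
  } catch (err) {
    return { ok: false, reason: err.message }; // fail closed on anything undecodable
  }
  if (decoded.to !== intent.to.toLowerCase()) {
    return { ok: false, reason: 'recipient differs from intent' };
  }
  if (decoded.amount !== intent.amount) {
    return { ok: false, reason: 'amount differs from intent' };
  }
  return { ok: true, reason: 'calldata matches intent' };
}

// Constructed sample data (not real accounts or transactions)
const word = (h) => h.padStart(64, '0');
const INTENDED = { to: '0x' + '11'.repeat(20), amount: 1000000n };
const honestTx = '0x' + TRANSFER_SELECTOR + word('11'.repeat(20)) + word((1000000n).toString(16));
const swappedTx = '0x' + TRANSFER_SELECTOR + word('22'.repeat(20)) + word((1000000n).toString(16));

console.log(checkTransferIntent(INTENDED, honestTx));
console.log(checkTransferIntent(INTENDED, swappedTx));
```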