RTR OpenClaw — Skill Security Gateway di CSOS
Three-layer agentic skill security: SkillAnalyzer (pre-execution), RuntimeGuard (runtime enforcement), PromptShield (injection detection). Plant-level H-C-E collapse gating under RTR Governance Protocol v1.1.
SperimentaleSperimentale
Disponibile in Firefox per AndroidDisponibile in Firefox per Android
20 utenti20 utenti
Scansiona il codice QR per aprire questa estensione in Firefox per Android
Metadati estensione
Informazioni sull’estensione
RTR OpenClaw enforces a three-layer security model before and during AI skill execution in the browser.
SkillAnalyzer runs a four-pass heuristic inspection of skill code before execution — checking for network exfiltration (SA-G1), filesystem access (SA-G2), dynamic code execution (SA-G3), credential leakage (SA-G4), and aggregate behavioural penalty scoring (SA-G5). Skills with critical violations are rejected before they can run.
RuntimeGuard monitors active skill sessions using Firefox's blocking webRequest API. It enforces per-session request limits, cancels policy-violating requests, and triggers a kill switch when the H–C–E collapse gate fails — transitioning the skill to a locked state.
PromptShield intercepts WebSocket frames for eight classes of prompt injection (PI-001–PI-008), including role hijacking, encoding evasion, delimiter injection, and exfiltration attempts. Only hashes and match metadata are stored — no raw message content is retained.
All three layers feed into a signed Proof Bundle: a cryptographically attested evidence package with H–C–E trust observables, lifecycle state, and measurement attribution, governed under RTR Governance Protocol v1.1.
SkillAnalyzer runs a four-pass heuristic inspection of skill code before execution — checking for network exfiltration (SA-G1), filesystem access (SA-G2), dynamic code execution (SA-G3), credential leakage (SA-G4), and aggregate behavioural penalty scoring (SA-G5). Skills with critical violations are rejected before they can run.
RuntimeGuard monitors active skill sessions using Firefox's blocking webRequest API. It enforces per-session request limits, cancels policy-violating requests, and triggers a kill switch when the H–C–E collapse gate fails — transitioning the skill to a locked state.
PromptShield intercepts WebSocket frames for eight classes of prompt injection (PI-001–PI-008), including role hijacking, encoding evasion, delimiter injection, and exfiltration attempts. Only hashes and match metadata are stored — no raw message content is retained.
All three layers feed into a signed Proof Bundle: a cryptographically attested evidence package with H–C–E trust observables, lifecycle state, and measurement attribution, governed under RTR Governance Protocol v1.1.
Voto 0 da 0 revisori
Permessi e dati
Permessi obbligatori:
- Visualizzare notifiche
- Accedere alle schede
- Accedere ai dati di tutti i siti web
Raccolta dati:
- Lo sviluppatore dichiara che questa estensione non richiede la raccolta di dati.
Ulteriori informazioni
- Link componente aggiuntivo
- Versione
- 0.2.0
- Dimensione
- 87,69 kB
- Ultimo aggiornamento
- 4 mesi fa (5 mar 2026)
- Categorie correlate
- Licenza
- Apache License 2.0
- Informativa sulla privacy
- Consulta l’informativa sulla privacy per questo componente aggiuntivo
- Cronologia versioni
- Aggiungi alla raccolta