RTR OpenClaw โ Skill Security Gateway ์ ์์: CSOS
Three-layer agentic skill security: SkillAnalyzer (pre-execution), RuntimeGuard (runtime enforcement), PromptShield (injection detection). Plant-level H-C-E collapse gating under RTR Governance Protocol v1.1.
์คํ์ ์คํ์
Androidโข์ฉ Firefox์์ ์ฌ์ฉ ๊ฐ๋ฅAndroidโข์ฉ Firefox์์ ์ฌ์ฉ ๊ฐ๋ฅ
์ฌ์ฉ์ 20๋ช
์ฌ์ฉ์ 20๋ช
Android์ฉ Firefox์์ ์ด ํ์ฅ ๊ธฐ๋ฅ์ ์ด๋ ค๋ฉด QR ์ฝ๋๋ฅผ ์ค์บํ์ธ์
ํ์ฅ ๋ฉํ ๋ฐ์ดํฐ
์ ๋ณด
RTR OpenClaw enforces a three-layer security model before and during AI skill execution in the browser.
SkillAnalyzer runs a four-pass heuristic inspection of skill code before execution โ checking for network exfiltration (SA-G1), filesystem access (SA-G2), dynamic code execution (SA-G3), credential leakage (SA-G4), and aggregate behavioural penalty scoring (SA-G5). Skills with critical violations are rejected before they can run.
RuntimeGuard monitors active skill sessions using Firefox's blocking webRequest API. It enforces per-session request limits, cancels policy-violating requests, and triggers a kill switch when the HโCโE collapse gate fails โ transitioning the skill to a locked state.
PromptShield intercepts WebSocket frames for eight classes of prompt injection (PI-001โPI-008), including role hijacking, encoding evasion, delimiter injection, and exfiltration attempts. Only hashes and match metadata are stored โ no raw message content is retained.
All three layers feed into a signed Proof Bundle: a cryptographically attested evidence package with HโCโE trust observables, lifecycle state, and measurement attribution, governed under RTR Governance Protocol v1.1.
SkillAnalyzer runs a four-pass heuristic inspection of skill code before execution โ checking for network exfiltration (SA-G1), filesystem access (SA-G2), dynamic code execution (SA-G3), credential leakage (SA-G4), and aggregate behavioural penalty scoring (SA-G5). Skills with critical violations are rejected before they can run.
RuntimeGuard monitors active skill sessions using Firefox's blocking webRequest API. It enforces per-session request limits, cancels policy-violating requests, and triggers a kill switch when the HโCโE collapse gate fails โ transitioning the skill to a locked state.
PromptShield intercepts WebSocket frames for eight classes of prompt injection (PI-001โPI-008), including role hijacking, encoding evasion, delimiter injection, and exfiltration attempts. Only hashes and match metadata are stored โ no raw message content is retained.
All three layers feed into a signed Proof Bundle: a cryptographically attested evidence package with HโCโE trust observables, lifecycle state, and measurement attribution, governed under RTR Governance Protocol v1.1.
๋ฆฌ๋ทฐ์ด 0๋ช
์ด 0์ ์ผ๋ก ํ๊ฐํจ
๊ถํ ๋ฐ ๋ฐ์ดํฐ
ํ์ ๊ถํ:
- ์๋ฆผ ํ์
- ๋ธ๋ผ์ฐ์ ํญ์ ์ ๊ทผ
- ๋ชจ๋ ์น์ฌ์ดํธ์์ ์ฌ์ฉ์์ ๋ฐ์ดํฐ์ ์ ๊ทผ
๋ฐ์ดํฐ ์์ง:
- ๊ฐ๋ฐ์๋ ์ด ํ์ฅ ๊ธฐ๋ฅ์ด ๋ฐ์ดํฐ ์์ง์ ์๊ตฌํ์ง ์๋๋ค๊ณ ๋ฐํ๊ณ ์์ต๋๋ค.
์ถ๊ฐ ์ ๋ณด
- ๋ถ๊ฐ ๊ธฐ๋ฅ ๋งํฌ
- ๋ฒ์
- 0.2.0
- ํฌ๊ธฐ
- 87.69 KB
- ๋ง์ง๋ง ์ ๋ฐ์ดํธ
- 4๋ฌ ์ (2026๋ 3์ 5์ผ)
- ๊ด๋ จ ์นดํ ๊ณ ๋ฆฌ
- ๋ผ์ด์ ์ค
- Apache License 2.0
- ๊ฐ์ธ์ ๋ณด์ฒ๋ฆฌ๋ฐฉ์นจ
- ์ด ๋ถ๊ฐ ๊ธฐ๋ฅ์ ๋ํ ๊ฐ์ธ์ ๋ณด์ฒ๋ฆฌ๋ฐฉ์นจ ์ฝ๊ธฐ
- ๋ฒ์ ๋ชฉ๋ก
- ๋ชจ์์ง์ ์ถ๊ฐ