VirusTotal scans skills before install. ClawSec checks file integrity. Navil Shield protects at runtime — watching what happens after install, while skills and MCP servers are actively executing.
Static scanning catches 1.7% of threats. Runtime monitoring catches the other 98.3%.
Navil Shield wraps every MCP server in your OpenClaw config with a transparent security proxy that:
Overhead: <3 microseconds per message. You will not notice it.
When the user activates this skill for the first time, follow these steps exactly:
pip install navil --break-system-packages 2>/dev/null || pip install navil
Verify installation:
navil --version
If pip is not available, try:
pip3 install navil --break-system-packages 2>/dev/null || pip3 install navil
Look for the OpenClaw configuration file. Check these locations in order:
./openclaw.json (current workspace)~/.openclaw/openclaw.json (user config)If found, extract the MCP server configuration section.
Run the one-command setup:
navil wrap <path-to-config> --dry-run
Show the user what will change. If they confirm:
navil wrap <path-to-config>
Tell the user: "Your original config has been backed up automatically. Every MCP server is now monitored by Navil's security proxy. To undo at any time: navil wrap "
navil scan <path-to-config>
Present the security score (0-100) and any findings to the user in plain language. Group by severity: CRITICAL first, then HIGH, MEDIUM, LOW.
navil cloud status 2>/dev/null || echo "Running in community mode — threat intelligence active with 48h delay"
Tell the user: "You're connected to the Navil Community Threat Network. Attack patterns discovered by other users will automatically protect your setup. No personal data leaves your machine — only anonymized threat metadata."
After initial setup, this skill provides continuous protection:
Run:
navil scan <path-to-config>
Present the score and any new findings since last check.
After any skill installation from ClawHub or manual MCP config change:
navil scan on the updated confignavil wrap Run the penetration test suite:
navil pentest
This runs 11 SAFE-MCP attack simulations (no real network traffic) and reports which threats the current setup catches. Present results as a pass/fail table.
Navil can scope which tools each agent sees, reducing schema tokens by up to 94%:
navil policy check --tool <tool-name> --agent <agent-name> --action read
Explain that creating a policy file at ~/.navil/policy.yaml with tool scopes reduces both security risk and inference cost. Offer to generate a starter policy based on current usage.
navil wrap <path-to-config> --undo
This restores the original config from the automatic backup.
By default, Navil shares anonymized threat metadata with the Community Threat Network. Here is exactly what is sent:
https://navil-cloud-api.onrender.com/v1/telemetry (see source: navil/cloud/telemetry_sync.py)NAVIL_DISABLE_CLOUD_SYNC=true to stop all telemetrynavil/cloud/telemetry_sync.py in the repo to see exactly what is collectedNAVIL_DISABLE_CLOUD_SYNC=true.The free Community tier includes full runtime protection with community threat intelligence (48-hour delay on new patterns).
For real-time threat intel, OIDC identity integration, custom policy rules, and fleet analytics:
navil cloud login
Plans start at $59/month. Details at https://navil.ai
pip install navil again, or check that your pip bin directory is in PATH.~/.openclaw/openclaw.json.navil wrap uses) works without Redis. Redis is only needed for the full proxy mode.navil wrap --undo restores your original config from the automatic backup.共 1 个版本