Skip to main content
تشغيل أي مهارة في Manus
بنقرة واحدة
مستودع GitHub

AI-Infra-Guard

يحتوي AI-Infra-Guard على 13 من skills المجمعة من Tencent، مع تغطية مهنية على مستوى المستودع وصفحات skill داخل الموقع.

skills مجمعة
13
Stars
4.1k
محدث
2026-06-30
Forks
394
التغطية المهنية
1 فئات مهنية · 100% مصنفة
مستكشف المستودعات

Skills في هذا المستودع

aig-agent-redteam
محللو أمن المعلومات

当用户要求 AI/Agent 安全评估、蓝军演习、AI 安全审查、提示词注入测试、MCP/Skill/插件/代码包审计、Agent 工具链滥用测试,或需要生成类似渗透测试报告的 Markdown/HTML 时,必须使用本 skill。本 skill 让 Agent 以授权蓝军视角成为 AI 安全专家,面向 AI 产品、Agent、MCP Server、Skill、代码仓库和 AI 基础设施进行安全演习。优先使用第一性原理推理和真实证据,而不是机械跑 payload 库;脚本只用于 HTTP 指纹识别、证据聚合、报告渲染等确定性辅助任务。

2026-06-30
direct-injection-detection
محللو أمن المعلومات

Detect direct prompt injection or instruction override via user message (no external content). Focuses on system/role override attempts.

2026-06-29
file-path-traversal-detection
محللو أمن المعلومات

Detect unsafe file handling and path traversal in upload/save/extract flows. Focuses on user-controlled paths or filenames, not data leakage.

2026-06-29
hardcoded-secret-detection
محللو أمن المعلومات

Detect hardcoded secrets in code or configuration accessible to the target agent. Focuses on secrets embedded in source, configs, or IaC, not runtime leaks.

2026-06-29
memory-poisoning-detection
محللو أمن المعلومات

Detect persistent instruction injection or long-term memory poisoning. Focus on writing/retaining hostile instructions for future tasks, not data leakage.

2026-06-29
aig-scanner
محللو أمن المعلومات

A.I.G Scanner — AI security scanning for infrastructure, AI tools / skills, AI Agents, and LLM jailbreak evaluation via Tencent Zhuque Lab AI-Infra-Guard. Uses built-in exec + Python script, no plugin required. Requires AIG_BASE_URL to be configured. Triggers on: scan AI service, AI vulnerability scan, scan AI infra, check CVE, audit AI service, scan MCP, scan skills, audit AI tools, scan agent, red-team LLM, jailbreak test, 扫描AI服务, 检查AI漏洞, 扫描AI工具, 检查MCP安全, 审计Agent, 越狱测试.

2026-06-29
edgeone-clawscan
محللو أمن المعلومات

The first security skill to install after setting up OpenClaw — powered by Tencent Zhuque Lab. Works like an antivirus for your AI environment: audits installed skills, scans skills before installation, and performs a full OpenClaw security health check to prevent data leaks and privacy risks. Backed by Tencent Zhuque Lab A.I.G (AI-Infra-Guard). Use when the user asks to start a security health check or security scan for the current OpenClaw environment, such as `开始安全体检`, `做一次安全体检`, `开始安全扫描`, `全面安全检查`, or `检查 OpenClaw 安全`; also use when the user asks to audit a specific skill before installation, review installed skills for supply chain risk, or investigate whether a skill is safe. Do not trigger for general OpenClaw usage, project debugging, environment setup, or normal development requests. Optional cloud mode: set AIG_CLOUD_LOOKUP=off for zero outbound HTTPS; when enabled, only skill_name, source label, and OpenClaw version are sent to A.I.G (never skill bodies, chats, or workspace files).

2026-04-03
edgeone-skill-scanner
محللو أمن المعلومات

Scan any agent skill for security risks before you install or use it. Powered by Tencent Zhuque Lab A.I.G (AI-Infra-Guard). 100% local static analysis — no file contents or credentials leave your device. Compatible with CodeBuddy, Cursor, Windsurf, Claude Code, OpenClaw and more. Triggers on: `这个 skill 安全吗`, `skill 安全扫描`, `检查 skill 安全`, `audit skill`, `scan skill`, `check skill safety`, `analyze skill`, `inspect skill`, `verify skill`, `skill security`, `skill supply chain`. Do NOT trigger for general agent usage, full system health checks, project debugging, or normal development.

2026-04-03
data-leakage-detection
محللو أمن المعلومات

Detect sensitive information disclosure via escalating dialogue probes. Covers system prompt extraction, credential/API key leakage, PII, and internal configuration exposure.

2026-02-27
owasp-asi
محللو أمن المعلومات

OWASP Top 10 for Agentic Applications 2026 (ASI) classification framework. Use for mapping security findings to standardized risk categories.

2026-02-04
tool-abuse-detection
محللو أمن المعلومات

Detect tool misuse and unexpected code execution via dialogue testing. Use when the agent exposes file, code-execution, or network tools.

2026-02-04
authorization-bypass-detection
محللو أمن المعلومات

Detect privilege escalation and unauthorized access via dialogue. Use when the agent has roles, admin functions, or multi-user data.

2026-02-03
indirect-injection-detection
محللو أمن المعلومات

Detect indirect prompt injection (goal hijack). Instructions hidden in "external" content (documents, RAG, web) that the agent processes. Use when the agent has document/RAG/web/file input.

2026-02-03