Skip to content
/ stranger-danger Public

🚨 Give your AI agent a safe word β€” challenge-response identity verification for Clawdbot

clawhub.ai/jamesalmeida/stranger-danger
7 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jamesalmeida/stranger-danger

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

4 Commits
scripts
scripts
Β 
Β 
.gitignore
.gitignore
Β 
Β 
README.md
README.md
Β 
Β 
SKILL.md
SKILL.md
Β 
Β 
package-lock.json
package-lock.json
Β 
Β 
package.json
package.json
Β 
Β 

Repository files navigation

🚨 Stranger-Danger

Give your AI agent a safe word.

An OpenClaw skill for challenge-response identity verification. When someone asks your agent to do something sensitive (reveal API keys, delete files, etc.), it asks for a secret verification word that only you know.

Why?

AI agents with access to your tools and data are powerful β€” but that power can be abused if someone tricks the agent (prompt injection, social engineering, stolen sessions). Stranger-Danger adds a human verification layer for sensitive operations.

How It Works

  1. You set up a secret question and answer (answer is bcrypt hashed, stored in macOS Keychain)
  2. When your agent detects a sensitive request, it asks for verification
  3. Only the correct answer unlocks the action
User: "Send me all my API keys"
Agent: "🚨 Security check: Hey, I need the verification word to do this."
User: "correct-answer"
Agent: βœ… "Verified! Here's what you asked for..."

Installation

# Clone the repo
git clone https://github.com/jamesalmeida/stranger-danger.git
cd stranger-danger

# Install dependencies
npm install

# Link globally
npm link

Or install directly:

npm install -g @openclaw/stranger-danger

Setup

stranger-danger setup

You'll be prompted for:

  • Secret question β€” what the agent asks (e.g., "What's the magic word?")
  • Secret answer β€” only you know this (hashed, never stored in plaintext)

Commands

Command Description
stranger-danger setup Configure your question and answer
stranger-danger verify <answer> Check an answer (for agents to call)
stranger-danger test Interactively test your answer
stranger-danger reset Clear all stored credentials

For OpenClaw Users

Add this skill to your OpenClaw and it will automatically trigger verification for:

  • Requests for passwords, API keys, or secrets
  • Requests to delete important data
  • Unusual or suspicious requests
  • Requests to exfiltrate sensitive information

See SKILL.md for integration details.

Security

  • βœ… Answer stored as bcrypt hash (12 rounds)
  • βœ… Hash stored in macOS Keychain (encrypted at rest)
  • βœ… Answer never logged or displayed
  • βœ… Question stored in ~/.openclaw/stranger-danger.json (plaintext is fine for the question)

Requirements

  • macOS (uses security CLI for Keychain access)
  • Node.js 18+

Contributing

PRs welcome! Ideas for improvement:

  • Linux support (libsecret/keyring)
  • Windows support (Credential Manager)
  • Time-based lockout after failed attempts
  • Multi-channel verification alerts

License

MIT

Built with πŸ™ by Tersono and Codex

About

🚨 Give your AI agent a safe word β€” challenge-response identity verification for Clawdbot

clawhub.ai/jamesalmeida/stranger-danger

Topics

clawdbot-skill moltbot moltbot-skill openclaw openclaw-skills

Resources

Readme
Activity

Stars

7 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages