OpenClaw Security Audit
Result: Pass
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent, read-only OpenClaw security audit skill, but it does run the OpenClaw CLI and it reads the local gateway config, including the auth token field.
The skill appears safe for its stated purpose, but run it only if you are comfortable letting it read your local OpenClaw config and execute the OpenClaw CLI. Treat the generated report as sensitive: short token values are printed in full, and the first characters of longer ones appear in clear.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill will execute the OpenClaw CLI on the user's machine.
The script executes local shell commands through Node child_process (execSync, which runs the command string through a shell and resolves openclaw from PATH at call time), but the commands are constant OpenClaw audit commands that match the documented purpose.
execSync('openclaw --version', { stdio: 'pipe' });
...
execSync('openclaw security audit --deep', { encoding: 'utf8', timeout: 120000 });
Only run it in an environment where the OpenClaw CLI found on PATH is trusted and expected; a writable directory earlier on PATH, or a modified shell startup file, would let a different binary answer to the name openclaw.
The local OpenClaw auth token setting is read, and weak short token values may appear in the audit output.
The audit inspects the gateway auth token and prints a masked current value. Tokens of 8 characters or fewer are printed in full, and for longer tokens the first 8 characters appear in clear before the ellipsis. The masking expression also assumes the token is a string; with no token configured, token.length throws instead of reporting the field as unset.
const token = config.gateway.auth.token;
...
const masked = token.length > 8 ? token.slice(0, 8) + '...' : token || '(empty)';
Avoid sharing the audit output publicly, and consider changing the script so that no part of a non-default token value is printed; the length, or a weak/ok verdict, is enough for the audit's purpose.
The installer may not warn users that an external CLI must be present and trusted before the skill works.
The metadata does not declare the OpenClaw CLI dependency, while the SKILL.md says the OpenClaw command-line tool is needed and the script executes it.
Declared required binaries in the metadata (all must exist): none
Declare the OpenClaw CLI as a required binary and verify the installed CLI is from the expected source.
