Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
openclaw hardening
v1.0.0
Audit and harden an OpenClaw installation for common security misconfigurations. Covers non-loopback binding, exposed gateway listeners, root or Administrato...
⭐ 0 · 47 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
Name and description match the SKILL.md: the skill audits local OpenClaw config, process state, bind/port/auth, tool policies, and execution privileges. It does not request unrelated services or credentials and relies on standard local inspection tools as expected.
Instruction Scope
Instructions are narrowly scoped to local inspection (process arguments, local config files, active listeners, file permissions) and explicitly avoid external network scanning. The workflow is detailed and requires explicit user confirmation before applying changes. However, it authorizes inspecting environment variables and running OS inspection commands (ps, Get-NetTCPConnection, Get-Acl, etc.) that reveal sensitive state; the doc promises not to echo secrets, but the skill still reads them.
Install Mechanism
No install spec and no code files; this is instruction-only and does not write files or download external artifacts during install, which is the lowest-risk install model.
Credentials
Declared requirements list no environment variables, yet the runtime instructions explicitly say to check 'Environment variables already set in the current session' and to 'inspect the token value' (without printing it). Reading session env vars and process arguments can reach credentials (API keys, tokens) the skill did not declare it needs. Read access to local config and process state is required for the audit, but the undeclared env access and the absent provenance increase the risk.
Persistence & Privilege
Skill is not always-enabled, does not install code, and promises explicit user confirmation before making changes. It also checks for elevated privileges rather than asking for them. No signs it requests persistent system presence or modifies other skills' configs.
What to consider before installing
This skill appears to do what it says (local OpenClaw hardening) and does not try to install binaries, but it will read local config files, running processes, and environment variables, which can expose secrets. Before installing or running it: (1) Verify the skill's source or request its code; no homepage or repository is listed. (2) Run the audit only on a machine you control, and back up the OpenClaw config files first. (3) Expect the audit to inspect environment variables and process arguments; do not run it in an environment holding unrelated secrets you cannot risk exposing. (4) Require and confirm every change prompt (the skill states it will ask before modifying files). (5) If you need stronger guarantees, have the SKILL.md reviewed, run the checks manually or in a restricted test environment, or ask the publisher for source code or a signed release before trusting the skill.
Like a lobster shell, security has layers — review code before you run it.
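The scan summarises the checks the skill performs, but the listing publishes no code. As an added example, not the skill's own code, here is how the core local checks the scan describes (non-loopback listeners, config file mode, an undeclared secret in the environment, root execution) look in POSIX shell. The `ss -ltn` sample lines and the port 18080 are constructed placeholders, not documented OpenClaw values; on Windows the equivalents are the Get-NetTCPConnection and Get-Acl cmdlets the scan names.

```shell
#!/bin/sh
# Added example (not the skill's own code): the kind of local-only checks the
# scan describes, written so they can run against constructed sample input.
# The listener lines below are a constructed sample in `ss -ltn` column order;
# port 18080 is a placeholder, not a documented OpenClaw port.

# Return 0 when a bind address is loopback-only, 1 when it is reachable
# from other hosts (0.0.0.0, *, [::], or a specific interface address).
is_loopback_addr() {
    case "$1" in
        127.*|localhost|::1|\[::1\]) return 0 ;;
        *) return 1 ;;
    esac
}

# Read `ss -ltn`-style lines from stdin and print every LISTEN socket whose
# local address is not loopback. Returns 0 when nothing is exposed, 1 otherwise,
# so it can be used directly as a pass/fail check.
exposed_listeners() {
    status=0
    while read -r state _recvq _sendq laddr _peer _rest; do
        [ "$state" = "LISTEN" ] || continue   # also skips the header line
        addr=${laddr%:*}                      # "[::]:18080" -> "[::]"
        port=${laddr##*:}                     # "[::]:18080" -> "18080"
        if ! is_loopback_addr "$addr"; then
            printf '%s:%s\n' "$addr" "$port"
            status=1
        fi
    done
    return $status
}

# Constructed sample: one loopback IPv4, one wildcard IPv4, one loopback IPv6,
# one wildcard "*" listener.
SAMPLE_LISTENERS='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    127.0.0.1:18080     0.0.0.0:*
LISTEN 0      128    0.0.0.0:18080       0.0.0.0:*
LISTEN 0      128    [::1]:18081         [::]:*
LISTEN 0      128    *:22                *:*'

audit_sample_listeners() {
    printf '%s\n' "$SAMPLE_LISTENERS" | exposed_listeners
}

# Return 0 when a config file is readable only by its owner (mode 600/400/700),
# 1 when group or others can read it. Tries GNU stat first, then BSD stat.
config_mode_ok() {
    mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1") || return 1
    case "$mode" in
        [0-7]00) return 0 ;;
        *) return 1 ;;
    esac
}

# Return 0 when NAME is set to a non-empty value, without printing the value
# (the "check but never echo" rule the scan quotes); rejects anything that is
# not a plain identifier so the eval cannot be abused.
secret_var_set() {
    case "$1" in
        ""|*[!A-Za-z0-9_]*) return 2 ;;
    esac
    eval "[ -n \"\${$1:-}\" ]"
}

# Running the agent as uid 0 turns any tool-execution bug into full compromise.
running_as_root() { [ "$(id -u)" -eq 0 ]; }

# Stand-alone run: the constructed sample, then live listeners if ss exists.
if [ "${1:-}" = "--run" ]; then
    echo "Exposed listeners in constructed sample:"; audit_sample_listeners || true
    if command -v ss >/dev/null 2>&1; then
        echo "Exposed listeners on this host:"; ss -ltn | exposed_listeners || true
    fi
    running_as_root && echo "WARNING: running as root"
fi
```

Run it with `sh audit.sh --run` to see both the sample and live results. Each check returns a pass/fail exit status, so they chain cleanly in a larger audit, and `secret_var_set` only reports presence, never the value, which is the behaviour the scan says the skill promises.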
latest: vk978fbxq9x0tq61tdxjam3dtes84acdq
