Linux Firewall Hardening
Review
Audited by ClawScan on May 13, 2026.
Overview
This is a coherent Linux firewall-hardening skill, but it deliberately uses powerful sudo-level firewall and persistence commands that should only be run by someone prepared to manage host networking.
Install or use this only if you intentionally want an agent-assisted workflow to inspect and modify a Linux host firewall. Start with audit and dry-run planning, confirm required ports and rollback access, avoid unsupported environments such as Kubernetes nodes or containers, and review the included scripts before running them with sudo.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the documented commands can change which network connections reach the machine and could lock out SSH if the plan is wrong.
The skill documents privileged firewall mutation commands. This is central to firewall hardening and is paired with planning/verification guidance, but misuse can disrupt access or service availability.
sudo ufw default deny incoming
sudo ufw default allow outgoing
...
sudo ufw --force enable
Run the audit and dry-run plan first, confirm the SSH port and required service ports, keep a second session or console access, and verify rollback before applying.
The agent or user running the skill may be able to make system-wide network and firewall changes.
The skill explicitly requires elevated local privileges to manage host firewall state. This is expected for the stated purpose but is a significant permission boundary.
## Prerequisites
- Root or sudo access.
- An active SSH session (risk of lockout).
Only run this on hosts you administer, with least-privilege sudo where possible and a clear rollback plan.
Firewall rules, rollback jobs, or local state may remain after the immediate task and affect future connectivity.
The artifacts describe persistent firewall configuration and optional state used for workflow recovery. This persistence is disclosed and purpose-aligned, but users should be aware it can outlive the current agent session.
Persist across reboots... Optional state persistence (`~/.firewall-hardening/state.json`).
After applying changes, verify persisted rules, cancel any rollback timer only after checks pass, and remove optional state files if they are no longer needed.
Users have less provenance information to rely on before running sudo-level firewall tooling.
The registry metadata does not establish a source repository or homepage. That is not malicious by itself, but it matters because the skill asks users to run local scripts and privileged commands.
Source: unknown
Homepage: none
Review the included scripts and references locally before execution, and prefer running first in a test environment or maintenance window.
