ClawHub

Openclaw Security Audit

v0.1.3

Run a local security audit on the OpenClaw environment, identifying risks, affected files, and prioritized remediation steps without exposing secrets.

0· 112·0 current·0 all-time
by@haooyi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description ask for a local OpenClaw security audit and the bundled code performs filesystem, git, host, network, config, and secret scans — these capabilities are appropriate for that purpose.
Instruction Scope
SKILL.md directs running the bundled runtime. The runtime reads config (~/.openclaw/openclaw.json), workspace files, .env files, logs, git-tracked files, SSH config, auth logs, and runs host/network commands (git, ss, journalctl, ufw/nft/iptables, systemctl, fail2ban-client). This scope is expected for a local audit but is broad and will access many sensitive local artifacts; the skill claims to redact secrets and the code masks examples, but you should only run it on hosts you control.
Install Mechanism
No external install or downloads are performed; the skill is instruction-only with bundled Python code executed via local python3. There are no remote URL-based installers observed in the provided files.
Credentials
The skill requests no environment variables or credentials. It does, however, read sensitive local files and run privileged host inspection commands (via subprocess) — this is proportionate to an audit but still requires local file access. No unrelated external credentials are requested.
Persistence & Privilege
always is false and the skill does not modify system or other skills' configuration. It runs on-demand and does not request permanent presence or elevated install-time privileges.
Assessment
This skill appears to do what it says: a local audit that inspects config, logs, workspace files, git history, SSH and firewall state, and secret-like patterns. Before running: (1) Review the bundled utils.py (not fully shown here) to confirm run_command/read/write behavior and ensure there are no hidden network POSTs or uploads. (2) Run it on a machine you control (not a sensitive production host) because it reads /etc, logs, and user files. (3) Run as a non-root user where possible; some host checks will be skipped if unreadable. (4) Inspect generated report files and their output directory permissions before sharing; while secrets are masked, file paths and counts are included. (5) If you enable autonomous agent invocation, be cautious — this tool can access many local artifacts; disable autonomous invocation unless you trust the skill and agent policies. If you want higher assurance, provide the full utils.py implementation for review or run the audit in an isolated test VM and inspect its runtime behavior (processes invoked, network activity) before using on production systems.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cdrgj909b3tp8hdbtvmvmv98354fs

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments