OpenClaw Setup Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a coherent instruction-only VPS setup skill, but it involves privileged server access, API/bot tokens, and persistent automation that users should review carefully.

This skill appears benign as an instruction-only deployment assistant. Before using it, make sure you understand and approve any server changes, keep recovery access to your VPS, use scoped credentials, and ask for clear documentation of all users, services, cron jobs, memory files, and backups it creates.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Medium
What this means

Using the skill may change how the VPS can be accessed and administered.

Why it was flagged

The skill is intended to modify important VPS security settings such as firewall rules and SSH authentication. This is appropriate for a setup assistant, but mistakes could lock a user out or disrupt services.

Skill content

**Security Hardening** — UFW firewall, SSH key-only auth, fail2ban, dedicated non-root user, sandbox mode

Recommendation

Review and approve each server command, keep an emergency console or recovery path available, and back up existing SSH/firewall configuration before changes.

ASI03: Identity and Privilege Abuse
Medium
What this means

If these credentials are mishandled, the VPS, AI provider account, or messaging bot account could be affected.

Why it was flagged

The skill expects privileged server access and service credentials. These are expected for VPS deployment and integrations, but they grant significant authority.

Skill content

- SSH access (root or sudo user)
- AI provider API key (Anthropic, OpenAI, or Google)
- Messaging platform bot token (optional)

Recommendation

Use least-privilege accounts where possible, provide only the tokens needed for the task, avoid sharing long-lived secrets unnecessarily, and rotate tokens if exposed.

ASI10: Rogue Agents
Low
What this means

Scheduled jobs or monitors may keep running on the server and consume resources or make ongoing changes.

Why it was flagged

The skill discloses persistent background automation. This is aligned with deployment monitoring, but it can continue operating after the initial setup.

Skill content

**Automation** — Cron jobs, heartbeat monitoring, automated backups, health checks

Recommendation

Ask the agent to show all cron jobs, services, backup paths, and monitoring scripts it creates, and document how to disable or remove them.

ASI06: Memory and Context Poisoning
Low
What this means

Future agent sessions may rely on saved memory or notes, which could contain stale, sensitive, or unwanted instructions.

Why it was flagged

The skill plans to create persistent agent configuration and memory files. Persistent memory is expected for a multi-agent OpenClaw setup, but stored instructions or notes may influence future behavior.

Skill content

**Agent Configuration** — SOUL.md persona, MEMORY.md persistence, daily notes, heartbeats

Recommendation

Keep persistent memory files in a known location, review them periodically, and avoid storing secrets or untrusted instructions in long-lived memory.