Security Network Hardening
PassAudited by ClawScan on May 1, 2026.
Overview
This skill is coherently focused on OpenClaw host/network hardening, with privileged firewall and configuration actions disclosed and gated by user confirmation.
Install only if you want an agent to help audit and harden a Linux OpenClaw host. Before approving fixes, confirm SSH/management access, allowed IP ranges, firewall rollback steps, and any OpenClaw config or credential-permission changes.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If applied incorrectly, firewall changes could block legitimate access to the host.
These are privileged firewall state changes that can affect host reachability. They are purpose-aligned with network hardening and the playbook says to confirm management access and approved ports first.
sudo ufw default deny incoming sudo ufw default allow outgoing
Confirm the current management path, allowed source IPs/subnets, and rollback plan before approving any firewall changes.
The agent may view or modify security-relevant OpenClaw settings and permissions around credential storage.
The skill directs inspection of OpenClaw configuration and changes to credential-directory permissions. This is expected for hardening, but it touches sensitive local configuration and credential storage.
Look for both global and agent-level settings in `~/.openclaw/openclaw.json`. Restrict the credentials directory so only the owner can access it. Recommended fix pattern: ```bash chmod 700 <openclaw-credentials-dir> ```
Review proposed changes to OpenClaw config and credential directories before approving them, and keep backups of configuration files.
The source and homepage do not provide an external trust trail for the included hardening scripts.
The skill has limited provenance metadata. The included scripts are visible and small, but users should still inspect them before running privileged host-hardening operations.
Source: unknown Homepage: none
Inspect the included shell scripts and commands before running them with sudo/root privileges.