Security Network Hardening
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: security-network-hardening Version: 1.0.0 The skill bundle is designed for security auditing and hardening of an OpenClaw host. It includes instructions for the agent to perform read-only audits, verify firewall states, and apply hardening fixes (such as restricting file permissions and configuring UFW) only with explicit user confirmation, with no evidence of malicious intent or data exfiltration.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If applied incorrectly, firewall changes could block legitimate access to the host.
These are privileged firewall state changes that can affect host reachability. They are purpose-aligned with network hardening and the playbook says to confirm management access and approved ports first.
sudo ufw default deny incoming sudo ufw default allow outgoing
Confirm the current management path, allowed source IPs/subnets, and rollback plan before approving any firewall changes.
The agent may view or modify security-relevant OpenClaw settings and permissions around credential storage.
The skill directs inspection of OpenClaw configuration and changes to credential-directory permissions. This is expected for hardening, but it touches sensitive local configuration and credential storage.
Look for both global and agent-level settings in `~/.openclaw/openclaw.json`. Restrict the credentials directory so only the owner can access it. Recommended fix pattern: ```bash chmod 700 <openclaw-credentials-dir> ```
Review proposed changes to OpenClaw config and credential directories before approving them, and keep backups of configuration files.
The source and homepage do not provide an external trust trail for the included hardening scripts.
The skill has limited provenance metadata. The included scripts are visible and small, but users should still inspect them before running privileged host-hardening operations.
Source: unknown Homepage: none
Inspect the included shell scripts and commands before running them with sudo/root privileges.