ClawGears

v1.0.2

Conduct security audits for OpenClaw-based AI assistants on macOS to detect exposure risks, weak tokens, sensitive commands, and IP leaks.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
The skill's name/description (macOS OpenClaw security audit) matches the code and SKILL.md: it inspects OpenClaw config, logs, macOS TCC database, checks firewall/FileVault/SIP, tests ports, and can apply fixes. Minor inconsistency: registry metadata listed no required binaries, but SKILL.md explicitly requires macOS tools (python3, curl, lsof, pgrep/pkill, openssl, socketfilterfw). That mismatch should be corrected but does not indicate malicious intent.
Instruction Scope
Runtime instructions and bundled scripts operate within the stated audit/fix scope: reading ~/.openclaw/openclaw.json and gateway logs, querying public-IP services, checking TCC DB, running lsof/pgrep, and optionally modifying the OpenClaw config and firewall. No instructions attempt to read unrelated system secrets or contact unexpected external endpoints beyond the stated exposure checks.
Install Mechanism
There is no external install/download step; code is bundled with the skill (shell scripts). No archive downloads or obscure external installers are used. Because scripts are shipped with the skill, they will run locally when invoked — review the included scripts before execution.
Credentials
The skill requests no environment variables, which is appropriate. It does, however, read highly sensitive local artifacts (OpenClaw config which may contain tokens, TCC.db entries) and sends your public IP to openclaw.allegro.earth (and uses public IP services like api.ipify.org). Those actions are proportionate to an exposure audit but are privacy-sensitive — the SKILL.md does disclose this. Confirm you trust the external exposure service before running checks that contact it.
Persistence & Privilege
always:false and default autonomous invocation are used (normal). The skill may modify only OpenClaw config files in ~/.openclaw, create local report/history files, restart the gateway process, and request sudo for firewall changes — all are within its stated remit. It does not request system-wide persistent privileges beyond these expected actions.
Assessment
This tool appears to do what it says: check OpenClaw exposures and optionally fix configuration. Before running:
1) Review the bundled scripts (quick-check.sh and interactive-fix.sh) so you understand each change.
2) Run quick-check.sh first (read-only).
3) Be aware the audit will read ~/.openclaw/openclaw.json (may contain tokens) and the macOS TCC DB; it will send your public IP to openclaw.allegro.earth and public IP services — only run those checks if you trust that external service.
4) Back up ~/.openclaw (the interactive fixer already creates backups) and ensure you can restore service if changes are applied.
5) Expect some fixes to require sudo (firewall) and the ability to restart the gateway binary.
6) Consider running on an isolated or test machine if you're uncomfortable with automatic fixes.
Finally, the registry metadata should be updated to list the required binaries (python3, curl, lsof, pgrep/pkill, openssl, socketfilterfw); the mismatch is benign but worth correcting.

Like a lobster shell, security has layers — review code before you run it.

Tags: audit, latest, macos, openclaw, security
