ClawGears
Review
Audited by ClawScan on May 10, 2026.
Overview
ClawGears is mostly transparent and purpose-aligned, but its report generator appears able to falsely pass a core gateway exposure check, so users should review it before relying on its results.
Install only if you want a local macOS OpenClaw security audit and are comfortable with shell scripts reading OpenClaw config, TCC status, logs, process/network state, and sending your public IP to the listed services. Use quick-check and manual verification for gateway exposure, and do not rely solely on generated reports until the report logic is fixed.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could receive a reassuring report even if their OpenClaw gateway is exposed to the network.
grep -c returns only a count, so the check below never sees the bound address: the literal 0.0.0.0 cannot appear in a number such as "1", the FAIL branch is unreachable, and the generated audit report can pass the core gateway exposure check no matter how the gateway is bound.
    local gateway_bind=$(lsof -i :18789 2>/dev/null | grep -c "LISTEN" || true)
    if echo "$gateway_bind" | grep -q "0.0.0.0"; then
        result="FAIL"
Do not rely on generated reports alone; run the quick-check script, manually inspect lsof output, and ask the maintainer to fix the report check before treating results as authoritative.
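The reviewed check beside a corrected one, as an added example that is not the skill's own code. Both run over constructed lsof-style output; the port 18789 is taken from the snippet above. A second problem the corrected version accounts for: lsof prints a wildcard bind as `*:18789`, not `0.0.0.0:18789`, so even the intended string match would have missed the exposed case.

```shell
#!/bin/sh
# Added example (not the skill's code): the reviewed check next to a corrected
# one, run over constructed lsof output. Assumes the gateway port is 18789, as
# in the reviewed snippet. lsof renders a wildcard bind as "*:18789", never as
# "0.0.0.0:18789", so a literal 0.0.0.0 match would miss it even without the
# grep -c mistake.

# Constructed "lsof -i :18789" output for three situations.
SAMPLE_EXPOSED='COMMAND  PID USER  FD  TYPE DEVICE SIZE/OFF NODE NAME
node    4242 alice 23u IPv4 0xabc      0t0  TCP *:18789 (LISTEN)'
SAMPLE_LOOPBACK='COMMAND  PID USER  FD  TYPE DEVICE SIZE/OFF NODE NAME
node    4242 alice 23u IPv4 0xabc      0t0  TCP 127.0.0.1:18789 (LISTEN)
node    4242 alice 24u IPv6 0xdef      0t0  TCP [::1]:18789 (LISTEN)'
SAMPLE_NONE=''

# The reviewed logic, reduced to a function reading lsof output on stdin.
# grep -c yields a number such as "1", which can never contain "0.0.0.0",
# so this returns PASS for every input, including the exposed one.
original_check() {
    gateway_bind=$(grep -c "LISTEN" || true)
    if echo "$gateway_bind" | grep -q "0.0.0.0"; then
        echo FAIL
    else
        echo PASS
    fi
}

# Corrected check: inspect the NAME column of each LISTEN line and decide
# from the bound address. FAIL if any listener is on a wildcard or a real
# interface address, PASS if every listener is loopback, NONE if nothing
# listens on the port.
classify_gateway_bind() {
    port="$1"
    verdict="NONE"
    while IFS= read -r line; do
        case "$line" in
            *"(LISTEN)"*) ;;
            *) continue ;;
        esac
        # NAME is the field just before "(LISTEN)", e.g. "*:18789".
        name=$(printf '%s\n' "$line" | awk '{ print $(NF-1) }')
        case "$name" in
            *":$port") ;;
            *) continue ;;      # a different port on the same process
        esac
        case "$name" in
            "127.0.0.1:$port"|"[::1]:$port"|"localhost:$port")
                [ "$verdict" = "FAIL" ] || verdict="PASS" ;;
            *)  verdict="FAIL" ;;   # "*", "[::]" or a LAN address: network-reachable
        esac
    done
    printf '%s\n' "$verdict"
}

# Side by side. On a real Mac, pipe "lsof -nP -i :18789" into classify_gateway_bind.
for sample in "$SAMPLE_EXPOSED" "$SAMPLE_LOOPBACK"; do
    printf 'original=%s corrected=%s\n' \
        "$(printf '%s\n' "$sample" | original_check)" \
        "$(printf '%s\n' "$sample" | classify_gateway_bind 18789)"
done
```

The corrected function treats anything that is not a loopback address as exposed, so a gateway bound to a single LAN interface also fails, which is the conservative reading for a local-only service.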
If approved, the skill can change firewall settings and other OpenClaw runtime behavior on the local Mac.
The fix script can make system-level changes through sudo, but the visible code prompts the user before doing so.
    ask_confirmation "Enable firewall and stealth mode? (requires sudo)"
    ...
    sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on
Approve fix actions only after reading the prompt and understanding which setting will be changed.
The scripts can read and, in fix mode, update the OpenClaw gateway token and configuration.
The skill needs token-bearing configuration to assess token strength and apply fixes; this is sensitive credential-adjacent access, but it is disclosed and purpose-aligned.
    This skill reads: Your OpenClaw configuration (including tokens)
Use on a trusted machine, review scripts before running, and keep generated backups/reports private.
External services will learn the public IP address used for the check.
The skill sends the user's public IP to an external exposure-check service; this is disclosed and directly related to IP leak detection.
Service | Purpose | Data sent
`openclaw.allegro.earth` | OpenClaw exposure database check | Your public IP
Run the IP leak check only if you are comfortable sending your public IP to the listed services.
Install-time metadata does not warn users that the skill expects macOS tools such as curl, lsof, openssl, and socketfilterfw.
The registry metadata does not declare the macOS-only requirement or needed binaries that SKILL.md lists, which can reduce install-time clarity even though the skill document discloses them.
    Required binaries (all must exist): none
    ...
    OS restriction: none
Treat this as a macOS-only shell-script skill and verify dependencies manually before use.
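A preflight a user can run before installing, as an added example that is not part of the skill or its registry metadata. The tool list comes from the finding above; the socketfilterfw path is the standard macOS location, and the macOS gate uses uname since the metadata declares no OS restriction.

```shell
#!/bin/sh
# Added example (not the skill's code): dependency preflight for a shell-script
# skill whose metadata declares no OS restriction and no required binaries.
# Accepts bare names (looked up on PATH) or absolute paths (checked directly).

# Print each missing dependency on its own line; print nothing if all exist.
missing_deps() {
    for dep in "$@"; do
        case "$dep" in
            /*) [ -x "$dep" ] || printf '%s\n' "$dep" ;;
            *)  command -v "$dep" >/dev/null 2>&1 || printf '%s\n' "$dep" ;;
        esac
    done
}

# "ok" on macOS with every listed tool present, otherwise a short reason.
# socketfilterfw lives outside PATH, so it is given as an absolute path.
preflight() {
    [ "$(uname -s)" = "Darwin" ] || { echo "not-macos"; return 0; }
    missing=$(missing_deps curl lsof openssl \
        /usr/libexec/ApplicationFirewall/socketfilterfw)
    if [ -n "$missing" ]; then
        echo "missing: $(printf '%s' "$missing" | tr '\n' ' ')"
    else
        echo ok
    fi
}

preflight
```

Run it before installing; anything other than "ok" means the skill's fix and audit scripts will fail part way through or skip checks silently.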
