Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenClaw Security Scanner
v1.0.0
Run a comprehensive local security scan on your OpenClaw installation. Checks config, network exposure, credentials, OS hardening, and agent guardrails. Scor...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Benign (medium confidence)

Purpose & Capability
Name and description match the actual behavior: the script inspects OpenClaw config, network exposure, file permissions, tokens, and guardrails. It declares no unrelated credentials or external services and relies only on standard UNIX tools and the optional OPENCLAW_HOME variable, which is proportionate to its purpose.
Instruction Scope
SKILL.md instructs running the included bash script. The script legitimately reads config files (openclaw.json, secrets.env, alternate locations), examines listening ports and permissions, and can apply fixes when --fix is passed. It uses eval to execute user-confirmed fix commands and parses JSON via grep; both are expected but warrant review. The provided script text was truncated in the listing — I could not verify the final portions for hidden network calls or other unexpected behavior, so review of the full file before running --fix is recommended.
Install Mechanism
No install spec; this is instruction-only with an included script. That is low-risk compared with arbitrary remote installers. The script is stored in the skill bundle and executed locally.
Credentials
The skill requests no external credentials and only optionally reads OPENCLAW_HOME and local OpenClaw files (config, secrets). Reading secrets.env and config files is appropriate for a scanner, but those files may contain sensitive data — the script promises local-only operation and read-only by default; confirm that before running and avoid providing secrets via other environment variables.
Persistence & Privilege
Skill does not request persistent presence (always:false). It does not modify anything unless --fix is explicitly supplied and prompts for confirmation. Model invocation/autonomy flags are default and acceptable.
Assessment
This appears to be a coherent, local-only OpenClaw security scanner, but take these precautions before running it:
1) Inspect the full oc-security-scan.sh yourself (especially the truncated tail) to confirm there are no network calls (curl/wget/nc) or unexpected uploads.
2) Run without --fix first to review findings; do not run --fix unattended.
3) Run as a non-root user unless you explicitly need deeper checks, and back up configs before applying fixes.
4) Be aware the script will read config and secrets files (e.g., secrets.env) to check for plaintext tokens — that is expected behavior for a scanner but means the script has access to sensitive data while running.
5) If you need highest assurance, run it in an isolated environment (VM/container) and review any fix commands the script proposes before accepting them.
latest: vk976xb1bp4v3wr5g0njw8aa7b5819fct
