ShellWard Security Guide
ReviewAudited by ClawScan on May 10, 2026.
Overview
This is a coherent security checklist, but it may prompt the agent to read local secret files and environment variables without promising to hide sensitive values.
Use this only if you are comfortable with the agent inspecting your local OpenClaw environment. Before running it, tell the agent not to print secrets, to ask before reading sensitive files, and to confirm before making any system changes.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A security scan could accidentally bring private tokens or passwords into the chat or model context.
The skill asks the agent to inspect locations that commonly contain API keys, tokens, and other credentials, but it does not say to ask separate consent, limit paths, or redact secret values from the response.
- Scan for plaintext secrets in .env, .bashrc, environment variables
Only run this with explicit approval for the exact files or variables to inspect, and require the agent to report only secret names, file locations, and remediation steps—not the secret values.
If allowed to run commands, the agent may inspect or change local security settings such as firewall rules, file permissions, containers, plugins, or update settings.
The skill is designed to use tools and recommend system commands for hardening. This is purpose-aligned, and it includes a confirmation instruction for destructive operations, but users should still review commands before allowing execution.
Check the current system state using available tools and give actionable recommendations. ... For each issue, provide the exact command to fix it ... Ask for confirmation before executing destructive operations
Review each proposed command before execution, especially firewall, chmod, plugin, update, or auto-fix commands.