ClawHub

Openclaw Security Audit

v1.0.0

Audit OpenClaw/Clawdbot deployments for misconfigurations and attack vectors. Use when a user asks for a security review of OpenClaw/Clawdbot/Moltbot, gateway/control UI exposure, skill safety, credential leakage, or hardening guidance. Produces a terminal report with OK/VULNERABLE findings and fixes.

3· 3.9k·37 current·39 all-time
by@misirov
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the runtime instructions: the skill performs local discovery of OpenClaw/Clawdbot gateway, ports, config, skills, logs, and permissions. It does not ask for unrelated credentials or external services.
Instruction Scope
Instructions are explicitly read‑only and focused on OpenClaw artifacts, but they authorize broad system queries (journalctl, find / -perm -4000, reading home and /etc paths). These are coherent for a full audit but will access system logs, config and potentially secret-containing files — the skill states to redact secrets and not exfiltrate them.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest risk (nothing is written to disk by the skill itself).
Credentials
No environment variables or credentials are requested. The commands do read local files and logs relevant to the stated audit purpose; this is proportionate to an on-host security review.
Persistence & Privilege
Skill is not always-on and does not request to modify agent config or obtain long-term privileges. It is user-invocable and can be invoked autonomously per platform defaults (not flagged alone).
Assessment
This skill appears to be a legitimate, read-only OpenClaw security auditor, but it will run broad system queries and read logs/configs that may contain sensitive data. Before installing or running: (1) review and confirm the skill will only be run on hosts you control; (2) prefer running it as a non-root user (some checks may produce UNKNOWN without root); (3) expect potentially heavy operations (e.g., find /) — run on a test system first; (4) verify that any remediation actions are only executed after explicit approval (the SKILL.md states this); and (5) if you need stricter privacy, ask the auditor to skip specific paths (home, backups) or to run interactively so you can redact outputs before any external transmission. If you want greater assurance, request a copy of the exact commands the agent will run for each check before execution.

Like a lobster shell, security has layers — review code before you run it.

latestvk9751gztrdet3mpce8x59p9ew580k588

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments