Moltbot Security

Pass

Audited by ClawScan on May 1, 2026.

Overview

This is an instruction-only security hardening guide whose system-changing commands are disclosed and aligned with its stated purpose, but users should review privileged and remote-install commands before running them.

This skill appears to be a benign documentation-only hardening guide. Before following it, review each command carefully, especially --fix, sudo, firewall, SSH, and curl-piped installer commands, because they can persistently alter your machine or server.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the auto-fix path may alter gateway configuration or permissions, which could affect access to the local OpenClaw setup.

Why it was flagged

The guide recommends an auto-fix command that can modify OpenClaw security settings. This is disclosed and aligned with the security-hardening purpose, but it can change configuration without showing every change in the artifact.

Skill content

openclaw security audit --deep --fix

Recommendation

Run auto-fix only when you intend to let OpenClaw change settings; consider running the audit without --fix first and reviewing backups or diffs before applying changes.

What this means

If the remote installer source or connection were compromised, running the command could change system packages or execute unintended setup logic.

Why it was flagged

The guide includes a remote shell-script installation command for Node.js setup. It is a common setup pattern and purpose-aligned, but it executes code fetched from the network with elevated privileges.

Skill content

curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -

Recommendation

Prefer official package-manager instructions where possible, inspect remote scripts before running them, and only run these commands from trusted networks and trusted vendor domains.

What this means

Incorrectly applying these commands, especially on a remote server, could block access to services or lock you out if SSH is not allowed first.

Why it was flagged

The firewall hardening steps require administrator privileges and persistently change network access rules. This is expected for firewall hardening, but it crosses an important privilege boundary.

Skill content

sudo ufw default deny incoming
sudo ufw allow ssh
sudo ufw enable

Recommendation

Confirm you have console or recovery access before changing firewall or SSH settings, keep the SSH allow rule, and verify rules before enabling the firewall.