ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Security Check

Security self-check for OpenClaw deployments. Audits openclaw.json config and host security in one pass: gateway exposure, auth mode, token strength, channel...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 268 · 1 current installs · 1 all-time installs
byMadoka@guoqunabc
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description state a fast OpenClaw config + host security audit; the bundled script reads ~/.openclaw/openclaw.json, inspects firewall/SSH/listening ports, and scans channel policies and file permissions — all consistent with the stated checks. There are no unrelated credentials, binaries, or external endpoints requested.
Instruction Scope
The shipped script is read-only and implements the 10 checks described in SKILL.md. However SKILL.md also documents an 'Auto-Fix Flow' with concrete commands (apt install ufw, chmod, sed edits to /etc/ssh/sshd_config, firewall enable, openclaw gateway restart) that modify system state and require sudo. The documentation says to confirm with the user first, but that is a policy-level instruction — the agent could be asked to run fixes unless you enforce confirmation. Also the SKILL.md suggests adding the script to periodic heartbeat/cron which would make the checks automatic; ensure fixes are not automated without explicit approval.
Install Mechanism
No install spec; this is an instruction-only skill with a bundled shell script. That is low-risk from an installation perspective — nothing is downloaded or written during install.
Credentials
The skill requires no environment variables or external credentials. It reads HOME and system files (/etc/ssh/sshd_config, ~/.openclaw/openclaw.json), which is proportionate to auditing host and config. The auto-fix commands require elevated privileges (sudo) which is expected for the kinds of system changes suggested but increases potential impact if executed without supervision.
Persistence & Privilege
always:false (no forced inclusion) and default autonomous invocation is allowed (disable-model-invocation:false). Autonomous invocation alone is normal, but combined with documented auto-fix recipes increases blast radius: if the agent is permitted to run fixes automatically, it could install packages or modify SSH/firewall settings. Prefer to require explicit user confirmation before any fix actions and avoid scheduling auto-fix via heartbeat/cron unless you trust the environment.
Assessment
This skill appears to do what it claims (a quick OpenClaw config + host audit) and the bundled script is readable — good signs. Before installing or enabling automated invocation: 1) Review the full scripts/security-check.sh yourself to verify behavior (it is included). 2) Use the script in read-only/reporting mode first (scripts/security-check.sh or --json) to see findings. 3) Do NOT allow the agent to run auto-fix commands without explicit, interactive confirmation; the fixes use sudo, apt, chmod, sed and can lock you out if misapplied. 4) If you plan to schedule checks, schedule only read-only reports; never auto-apply fixes from cron/heartbeat. 5) Backup ~/.openclaw/openclaw.json and ensure you have a second active SSH session before applying SSH/firewall changes. 6) Prefer running the audit in a staging environment first. If you want, restrict the skill so it can only produce reports and not execute remediation steps autonomously.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97598dmpmpy12b60wyh0p71gd82fj9n

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

OpenClaw Security Check

Fast 10-point security audit for OpenClaw config + host. Read-only by default, optional auto-fix.

Quick Start

Run the bundled script for a non-interactive report:

scripts/security-check.sh        # human-readable
scripts/security-check.sh --json # structured output

Or tell the agent: "run a security check" / "audit my OpenClaw config".

What It Checks

#CheckSeverity if failedWhat it looks at
1Gateway BindCRITICALgateway.bind — must be loopback, not 0.0.0.0
2Gateway AuthCRITICALgateway.auth.mode — must not be off/none
3Token StrengthHIGHgateway.auth.token — must be ≥32 chars
4DM PolicyHIGHPer-channel dmPolicyopen without allowFrom is dangerous
5Group PolicyHIGHPer-channel groupPolicyopen/any allows strangers to trigger the agent
6Config PermissionsMEDIUMFile mode of openclaw.json — should be 600 or 400
7Plaintext SecretsMEDIUMScans config values for keys matching password/secret/apiKey/privateKey
8Host FirewallHIGHUFW or firewalld must be installed and active
9SSH HardeningMEDIUMPasswordAuthentication and PermitRootLogin in sshd_config
10Exposed PortsMEDIUMCount of non-loopback listening ports (>8 = FAIL)

Auto-Fix Flow

If any item is FAIL or WARN, offer fixes. Always confirm with the user first.

Fix Recipes

#1 Gateway Bind → FAIL: Set gateway.bind to "loopback". Use openclaw CLI if available, otherwise edit openclaw.json.

#2 Gateway Auth → FAIL: Set gateway.auth.mode to "token". Generate a strong token if missing:

openssl rand -hex 24

#3 Token Strength → FAIL/WARN: Replace with a new 48-char hex token: openssl rand -hex 24. Warn user that paired clients will need the new token.

#4 DM Policy → FAIL: Set affected channels to "dmPolicy": "pairing", or add specific IDs to allowFrom.

#5 Group Policy → FAIL: Set affected channels to "groupPolicy": "allowlist".

#6 Config Permissions → FAIL/WARN:

chmod 600 ~/.openclaw/openclaw.json

#7 Plaintext Secrets → WARN: Cannot auto-fix safely. Advise moving secrets to environment variables or .env.local.

#8 Host Firewall → FAIL:

sudo apt install ufw -y
sudo ufw default deny incoming
sudo ufw default allow outgoing
# IMPORTANT: Allow SSH before enabling!
sudo ufw allow from <trusted_ip_or_subnet> to any port 22 proto tcp
sudo ufw enable

#9 SSH Hardening → WARN:

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
sudo sed -i 's/^#*PasswordAuthentication .*/PasswordAuthentication no/' /etc/ssh/sshd_config
sudo sed -i 's/^#*PermitRootLogin .*/PermitRootLogin no/' /etc/ssh/sshd_config
sudo sshd -t && sudo systemctl reload ssh

CRITICAL: Ensure key-based SSH access works in a separate session before closing current one.

#10 Exposed Ports → WARN/FAIL: Review with ss -ltnp, close unnecessary services, or restrict with firewall rules.

Fix Rules

  • Backup first: cp ~/.openclaw/openclaw.json ~/.openclaw/openclaw.json.bak
  • Merge, don't overwrite: Modify only the specific keys, preserve everything else.
  • SSH changes need special care: Always test access in a second session before closing the first.
  • Firewall: allow SSH first, enable second. Getting this backwards locks you out.
  • After config changes: openclaw gateway restart to apply.
  • Re-run the check after fixes to confirm everything passes.

Integration

Heartbeat

Add to HEARTBEAT.md for periodic checks:

- Every heartbeat: Run scripts/security-check.sh, alert on any FAIL

Cron

Schedule via OpenClaw cron for standalone audits:

openclaw cron add --name "security-check" --schedule "0 8 * * *" --task "Run scripts/security-check.sh and report results"

Combining with healthcheck skill

This skill focuses on fast config + host audit (10 checks, <5 seconds). The built-in healthcheck skill provides a full hardening workflow (risk profiling, remediation planning, guided execution). Use this skill for quick checks; escalate to healthcheck for comprehensive hardening.

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…