ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Security Scanner

Run a comprehensive local security scan on your OpenClaw installation. Checks config, network exposure, credentials, OS hardening, and agent guardrails. Scor...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 1.6k · 14 current installs · 14 all-time installs
by@Jkahn-tr
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the actual behavior: the script inspects OpenClaw config, network exposure, file permissions, tokens, and guardrails. It does not declare unrelated credentials or external services and relies on standard UNIX tools and optional OPENCLAW_HOME, which is proportional to its purpose.
Instruction Scope
SKILL.md instructs running the included bash script. The script legitimately reads config files (openclaw.json, secrets.env, alternate locations), examines listening ports and permissions, and can apply fixes when --fix is passed. It uses eval to execute user-confirmed fix commands and parses JSON via grep; both are expected but warrant review. The provided script text was truncated in the listing — I could not verify the final portions for hidden network calls or other unexpected behavior, so review of the full file before running --fix is recommended.
Install Mechanism
No install spec; this is instruction-only with an included script. That is low-risk compared with arbitrary remote installers. The script is stored in the skill bundle and executed locally.
Credentials
The skill requests no external credentials and only optionally reads OPENCLAW_HOME and local OpenClaw files (config, secrets). Reading secrets.env and config files is appropriate for a scanner, but those files may contain sensitive data — the script promises local-only operation and read-only by default; confirm that before running and avoid providing secrets via other environment variables.
Persistence & Privilege
Skill does not request persistent presence (always:false). It does not modify anything unless --fix is explicitly supplied and prompts for confirmation. Model invocation/autonomy flags are default and acceptable.
Assessment
This appears to be a coherent, local-only OpenClaw security scanner, but take these precautions before running it: 1) Inspect the full oc-security-scan.sh yourself (especially the truncated tail) to confirm there are no network calls (curl/wget/nc) or unexpected uploads. 2) Run without --fix first to review findings; do not run --fix unattended. 3) Run as a non-root user unless you explicitly need deeper checks, and back up configs before applying fixes. 4) Be aware the script will read config and secrets files (e.g., secrets.env) to check for plaintext tokens — that is expected behavior for a scanner but means the script has access to sensitive data while running. 5) If you need highest assurance, run it in an isolated environment (VM/container) and review any fix commands the script proposes before accepting them.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk976xb1bp4v3wr5g0njw8aa7b5819fct

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Security Scanner

Run a local security assessment on any OpenClaw installation.

Usage

The skill provides a bash script that scans your OpenClaw setup and reports findings with severity levels.

Quick scan (read-only)

bash "$(dirname "$0")/oc-security-scan.sh"

Auto-fix issues

bash "$(dirname "$0")/oc-security-scan.sh" --fix

Save a report

bash "$(dirname "$0")/oc-security-scan.sh" --report

JSON output

bash "$(dirname "$0")/oc-security-scan.sh" --json

What It Checks

  • OpenClaw Configuration — bind address, token strength, config permissions, exec security mode
  • Network Exposure — listening ports, firewall status, public interface exposure
  • Credential Hygiene — plaintext secrets, file permissions, .gitignore patterns
  • OS Hardening — disk encryption, auto-updates, OS version, root usage
  • Agent Guardrails — RULES.md, memory file permissions, safety constraints

Output

Color-coded terminal output with severity levels:

  • 🔴 CRITICAL — immediate action required
  • 🟡 WARNING — should be addressed
  • 🟢 PASS — looks good
  • ⚪ INFO — informational

Ends with a security score out of 100 (A-F grade).

Security Philosophy

  • Local only — zero external network calls, nothing phones home
  • Read-only by default — only modifies files when --fix is explicitly passed
  • Owner-operated — designed to be run by the OpenClaw owner on their own machine
  • No dependencies — standard unix tools + openclaw CLI only

Files

3 total
Select a file
Select a file to preview.

Comments

Loading comments…