ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Security Essentials

Harden your OpenClaw agent deployment — SSH lockdown, firewall rules, automated security audits, secret rotation reminders, RAM/process monitoring, and CVE a...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 41 · 0 current installs · 0 all-time installs
bynograve.dev@nogravedev
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The description promises SSH lockdown, firewall changes, secret scans, cron jobs, process killing, and external alerts — activities that normally require root/sudo, specific binaries, or persistent installers. The skill declares no required binaries, no install steps, no config paths, and no credentials, which is inconsistent with the claimed capabilities.
!
Instruction Scope
SKILL.md is high-level marketing/feature text rather than concrete runtime instructions. It implies reading system state (open ports, files, secrets), modifying system configuration (SSH, firewall, cron), and sending findings to a 'preferred channel' — but gives no constraints, no target endpoints, and no explicit commands. This vagueness grants broad discretion and could lead to unbounded system access if executed.
Install Mechanism
No install spec and no code files (instruction-only), which is lower surface risk from arbitrary downloads. However, for the claimed persistent changes (cron, monitoring, auto-kill), an install or explicit agent actions would normally be required; the absence of an install mechanism is therefore unexpected and unclear.
!
Credentials
The skill requests no environment variables or credentials despite needing to send alerts to external channels and perform privileged system actions. Expected requirements (e.g., channel/webhook tokens, sudo access, or paths to system configs) are missing, making the declared environment footprint disproportionate and unexplained.
!
Persistence & Privilege
The skill's features imply creating persistent artifacts (cron jobs, monitoring processes) and making system-level changes. Although 'always' is false, autonomous model invocation is allowed by default; combined with the other inconsistencies this increases risk unless explicit safeguards and permission boundaries are provided.
What to consider before installing
This skill promises sensitive, privileged changes (firewall/SSH hardening, killing processes, secret scanning, creating cron jobs, and sending alerts) but gives no technical details about how it will do that or what permissions it requires. Before installing: ask the author for the full runtime instructions and source code; require explicit explanation of what commands will run and whether sudo/root is needed; verify where reports/alerts are sent (which endpoint and who controls it); prefer a version that provides an install script from a trusted source (or packaged binaries) and a least-privilege operation mode; test in an isolated environment or VM first; do not grant elevated privileges or production credentials until you can review the implementation. If the publisher cannot provide concrete details and code, treat it as too risky to install.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.2.0
Download zip
latestvk978c2vv5q0rrv5q0m50v8xq5183vf6x

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Security Essentials — Agent Deployment Hardening

Production-tested security patterns for OpenClaw agents running on Mac, Linux, VPS, or Raspberry Pi. Built from real incidents — not theoretical checklists.

What's Included (Full Kit)

  • Host hardening audit — SSH config, firewall status, open ports, system updates, file permissions, running processes. Prioritized findings (🔴/🟡/🟢) with exact fix commands.
  • Secret hygiene system — scans for exposed secrets, tracks rotation dates, alerts on expiring tokens, checks .gitignore coverage
  • Process & RAM monitoring — identifies memory hogs, auto-kills resource drains, anomaly detection, zombie process cleanup
  • Network exposure checks — services on 0.0.0.0, database ports, VPN verification, DNS leak testing
  • Automated security cron — daily recurring audit with findings sent to your preferred channel
  • 5 incident response playbooks — compromised token, unexpected process, high resource usage, failed logins, exposed secrets in git
  • Full audit checklist — SSH, firewall, system, OpenClaw-specific, and network categories

Why This Exists

In March 2026, 9 OpenClaw CVEs dropped in one week. Most agents run on personal machines with default configs — SSH with password auth, no firewall, secrets in plaintext, database ports exposed.

This kit is built from patterns developed running a production agent 24/7. Every check caught a real problem at least once.

What Your Agent Can Do After Install

  • "Run a full security audit"
  • "Check if any secrets are exposed"
  • "Set up weekly security reports"
  • "What ports are open on this machine?"
  • "Monitor for suspicious processes"
  • "When should I rotate my API keys?"

Get Security Essentials

$9 — Complete security hardening kit with all audits, playbooks, and monitoring.

👉 https://clawkits.gumroad.com (coming soon)

Also check out Agent Core ($39) and The Trading Desk ($29): 👉 https://clawkits.gumroad.com

Author

Built by ClawKits — production-tested systems for AI agents. https://clawkits.xyz

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…