Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Security Hardener

v1.0.0

One-command OpenClaw security audit, scoring, and auto-remediation. Addresses CVE-2026-33579 and common misconfigurations. Scans for exposed API keys, weak f...


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for stevojarvisai-star/security-hardener.

Install the skill "Security Hardener" (stevojarvisai-star/security-hardener) from ClawHub.
Skill page: https://clawhub.ai/stevojarvisai-star/security-hardener
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install security-hardener

ClawHub CLI

npx clawhub@latest install security-hardener

Security Scan

Capability signals: Crypto, Requires wallet, Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
The name/description (security hardener for OpenClaw) matches what the Python script does: scanning OpenClaw config/workspace, searching for secrets, checking permissions, network binding, plugin state, and offering auto-fixes. Requiring no external credentials and no install is plausible for a local hardening tool. Note: the tool claims to 'remove API keys from memory/SKILL.md files' and 'disable unsigned plugins' — those actions legitimately belong to a hardener but will modify other skill files and plugin state (see persistence_privilege).
! Instruction Scope
SKILL.md and the script instruct the agent to scan many user paths (configs, workspace, .env files, shell history, git history) and to apply fixes (chmod, edit config, move/remove secrets, change bind address, disable plugins). Scanning shell history and git history and editing SKILL.md files can touch unrelated sensitive data and other installed skills. There's also an inconsistency: SKILL.md says 'Enables auth if disabled' in auto-fix, but the code's auth check marks enabling auth as not auto-fixable (requires user to pick a token). That mismatch affects user expectations about what the 'fix' command will do automatically.
Install Mechanism
No install spec — the skill includes an executable Python script only. This is lower risk than network-based installs. The shipped script will be executed locally; nothing in the provided excerpts shows it downloads and executes external code.
Credentials
The skill requests no environment variables or credentials, which is appropriate. However, it will read many local files (config, workspace, .env, shell history, git history). That is expected for secret scanning, but it's a high-sensitivity operation because it may find or touch secrets from unrelated services (AWS, OpenAI, Stripe, etc.). The script's SECRET_PATTERNS explicitly include many providers, so it will detect (and some commands claim to remove/relocate) sensitive credentials without requiring explicit user-supplied tokens.
! Persistence & Privilege
The skill will modify local configuration and other skill files: changing openclaw.json, setting file permissions, moving secrets out of SKILL.md files, and disabling unsigned plugins. While these changes are in-scope for a hardener, they constitute modifications to other skills' files and to agent configuration. The skill is not 'always:true' and does not require autonomous invocation to run, but its auto-remediation operations have a real risk of breaking functionality or altering other skills. The user should expect the script to write to and change many files.
What to consider before installing
This tool largely does what it says (scan + fix OpenClaw security issues), but it reads and can modify many personal and agent-related files (shell history, .env, SKILL.md files, openclaw.json). Before running 'fix':

  (1) inspect the full scripts/security-hardener.py yourself or with a trusted reviewer; the provided excerpt is large but truncated;
  (2) run 'python3 scripts/security-hardener.py audit --json --verbose' and/or a dry-run mode first, and review the proposed changes carefully;
  (3) create backups (use the --backup-dir option) and/or test in an isolated environment;
  (4) verify provenance: the package lists 'GetAgentIQ' but the skill's source/homepage is unknown; prefer tools from known sources or signed releases;
  (5) be aware the script will modify other skills' SKILL.md files and plugin settings, so plan for rollbacks.

If you want to proceed safely, request the full script (untruncated) and a checksum/signature from the publisher before allowing auto-remediation.

Like a lobster shell, security has layers — review code before you run it.

latest vk971m7w4a04tnq7t7q7e8pknqn8493ba
81 downloads
0 stars
1 version
Updated 3w ago
v1.0.0
MIT-0

Security Hardener

One-command security audit + auto-fix for OpenClaw. Generates a score, finds vulnerabilities, fixes what it can.

Quick Start

# Full audit — scan everything, show score + findings
python3 scripts/security-hardener.py audit

# Auto-fix all fixable issues (creates backup first)
python3 scripts/security-hardener.py fix

# Scan for exposed API keys only
python3 scripts/security-hardener.py keys

# Check auth configuration
python3 scripts/security-hardener.py auth

# Generate markdown report
python3 scripts/security-hardener.py report

Commands

audit — Full Security Audit

Runs all checks, produces a 0-100 security score:

  • Auth check — Is authentication enabled? What type?
  • Transport check — HTTPS/TLS configured? Certificates valid?
  • Key exposure scan — API keys/tokens in config, memory, git history
  • Permission check — File permissions on sensitive files (config, memory, soul)
  • Plugin audit — Untrusted plugins, unsigned skills, risky permissions
  • Network check — Bound interfaces, exposed ports, firewall status
  • CVE check — Known OpenClaw CVEs against installed version

Options: --json for machine-readable output, --verbose for detailed findings.

fix — Auto-Remediate

Creates a timestamped backup, then fixes:

  • Sets restrictive file permissions (600 for config, 700 for workspace)
  • Removes API keys from memory/SKILL.md files (moves to .env)
  • Enables auth if disabled
  • Restricts bind address from 0.0.0.0 to 127.0.0.1
  • Disables unsigned plugins

Options: --dry-run to preview fixes without applying, --backup-dir <path>.
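
Because fix rewrites permissions, config and other skills' SKILL.md files, a before/after snapshot of modes and content hashes shows exactly what a run touched. The following is an added example, not part of this skill or its script; the directory layout, the "bind" key and the placeholder secret in demo() are constructed, and the edits only imitate the fixes listed above.

```python
import hashlib, os, stat, tempfile

def snapshot(root):
    """Map each path under root to (permission bits, sha256 or None)."""
    snap = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow symlinks out of the tree
            digest = None
            if stat.S_ISREG(st.st_mode):
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
            snap[os.path.relpath(path, root)] = (stat.S_IMODE(st.st_mode), digest)
    return snap

def diff(before, after):  # (path, change) pairs between two snapshots
    changes = []
    for rel in sorted(set(before) | set(after)):
        b, a = before.get(rel), after.get(rel)
        if b is None or a is None:
            changes.append((rel, "added" if b is None else "removed"))
            continue
        if b[1] != a[1]:
            changes.append((rel, "content changed"))
        if b[0] != a[0]:
            changes.append((rel, f"mode {b[0]:o} -> {a[0]:o}"))
    return changes

def write(path, text, mode=0o644):
    with open(path, "w") as fh:
        fh.write(text)
    os.chmod(path, mode)  # explicit mode so the demo ignores the umask

def demo():
    """Constructed tree; the edits imitate the fixes the README lists."""
    with tempfile.TemporaryDirectory() as root:
        cfg = os.path.join(root, "openclaw.json")
        skill = os.path.join(root, "skills", "other", "SKILL.md")
        os.makedirs(os.path.dirname(skill))
        write(cfg, '{"bind": "0.0.0.0"}')          # hypothetical config key
        write(skill, "api_key = PLACEHOLDER\n")    # constructed, not a real key
        before = snapshot(root)
        os.chmod(cfg, 0o600)                       # "600 for config"
        write(skill, "api_key moved to .env\n")    # secret relocated
        write(os.path.join(root, ".env"), "API_KEY=PLACEHOLDER\n")
        return diff(before, snapshot(root))

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Take one snapshot before running fix and one after, then review every path in the diff before trusting the result.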

keys — API Key Scanner

Searches config files, memory files, SKILL.md files, .env files, shell history, and git history for exposed secrets. Pattern library covers 40+ key formats (AWS, OpenAI, Anthropic, Stripe, etc.).

auth — Auth Configuration Check

Verifies authentication is properly configured:

  • Gateway auth enabled and strong
  • Session tokens rotated
  • CORS policy appropriate
  • Rate limiting configured

report — Markdown Report

Generates a security posture report suitable for compliance or auditing. Includes score, all findings, recommendations, and fix commands.

Scoring

Range | Rating | Meaning
90-100 | 🟢 Excellent | Production-ready
70-89 | 🟡 Good | Minor issues, fix recommended
50-69 | 🟠 Fair | Significant gaps, fix required
0-49 | 🔴 Critical | Unsafe for any exposure

Each finding has a severity (critical/high/medium/low) and a weight that affects the score.

CVE Coverage

Checks against known OpenClaw CVEs including:

  • CVE-2026-33579 — Unauthenticated remote access (63% of instances affected)
  • Transport layer vulnerabilities
  • Plugin sandbox escapes

See references/cve-database.md for full list and mitigation details.
