ClawHub

Security Monitor Deploy

v1.0.0

Comprehensive security audit for OpenClaw deployments. Checks Docker port bindings, SSH config, openclaw.json settings, file permissions, exposed services, a...

0· 635·0 current·0 all-time
by@aiwithabidi

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for aiwithabidi/security-monitor-deploy.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Security Monitor Deploy" (aiwithabidi/security-monitor-deploy) from ClawHub.
Skill page: https://clawhub.ai/aiwithabidi/security-monitor-deploy
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: docker
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install security-monitor-deploy

ClawHub CLI

Package manager switcher

npx clawhub@latest install security-monitor-deploy
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description claim a local security audit. The skill only requires the docker binary and its script inspects OpenClaw config files, Docker, SSH, firewall, listening services, and file permissions — all consistent with an audit tool. No unrelated credentials or binaries are requested.
Instruction Scope
The SKILL.md instructs the agent to run the included shell script which enumerates and inspects local files (/root/.openclaw/openclaw.json, ~/.openclaw, /etc/ssh/sshd_config, /var/run/docker.sock, SSH key dirs, .env files) and runs docker/ss/netstat/iptables/ufw commands. This is expected for a security audit, but these actions access sensitive local files and system state — the script checks permissions and configuration but generally does not display full private key contents in the portions shown. The SKILL.md and script are consistent, but the script was truncated in the review so the full behavior could not be confirmed.
Install Mechanism
No install spec; this is instruction-only with a bundled script. Nothing is downloaded or written to disk by an installer. This is the lower-risk pattern for skills that are local-audit focused.
Credentials
The skill declares no required environment variables or credentials, which is appropriate. However, the script reads various sensitive files and system resources (openclaw.json, .env files, SSH key paths, Docker socket and container details). Those accesses are proportionate to an auditing tool but are inherently sensitive — running the script gives it the ability to inspect local secrets and container metadata (Docker inspect can reveal container environment variables).
Persistence & Privilege
The skill is not always-enabled and does not request persistent presence or modify other skills. It runs as a one-off script when invoked. The agent's autonomous invocation capability is default and not combined with other concerning privileges here.
Assessment
This skill appears to do what it says: a local security audit. Before installing or running it: 1) Review the entire scripts/security_audit.sh file yourself (the provided content was truncated in the review). 2) Run it on a non-production or disposable system first (or inside an isolated container/VM) so you don't expose real secrets during testing. 3) Note it inspects /var/run/docker.sock and may run docker inspect/ps — if your Docker containers hold secrets in environment variables, the audit may see them. 4) Confirm you trust the unknown publisher/homepage; if unsure, ask for source provenance or run the script under restricted privileges. 5) If you need higher assurance, have someone with shell experience audit the remainder of the script for any unexpected network calls, obfuscated behavior, or commands that read or transmit file contents.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🛡️ Clawdis
Binsdocker
agxntsixvk976d1zeknksntm606s97mrpeh817nvjlatestvk976d1zeknksntm606s97mrpeh817nvj
635downloads
0stars
1versions
Updated 2mo ago
v1.0.0
MIT-0
@aiwithabidi
agxntsixlatest
Download

Security Monitor 🛡️

Comprehensive security audit for OpenClaw deployments.

Scans your Docker configuration, SSH settings, firewall rules, OpenClaw config, and file permissions. Produces a security score (0-100) with actionable recommendations.

Quick Start

# Run full audit
bash {baseDir}/scripts/security_audit.sh

# JSON output
bash {baseDir}/scripts/security_audit.sh --json

# Specific checks only
bash {baseDir}/scripts/security_audit.sh --check docker
bash {baseDir}/scripts/security_audit.sh --check ssh
bash {baseDir}/scripts/security_audit.sh --check config
bash {baseDir}/scripts/security_audit.sh --check files
bash {baseDir}/scripts/security_audit.sh --check network

What It Checks

OpenClaw Config (25 points)

  • allowInsecureAuth must be false
  • dmPolicy must not be open/allow-all
  • Port bindings must use 127.0.0.1
  • API keys not hardcoded in config
  • Secure model permissions

Docker Security (25 points)

  • All port bindings use 127.0.0.1 (not 0.0.0.0)
  • No privileged containers (except necessary)
  • Docker socket permissions
  • Container resource limits
  • No --net=host unless needed

SSH Configuration (20 points)

  • Root login disabled (PermitRootLogin no)
  • Password authentication disabled
  • Key-based auth only
  • Non-standard port (bonus)
  • Fail2ban or similar active

Network & Services (15 points)

  • No unnecessary exposed ports
  • Firewall active (ufw/iptables)
  • Only expected services listening
  • HTTPS/TLS termination configured

File Permissions (15 points)

  • openclaw.json not world-readable
  • SSH keys proper permissions (600)
  • .env files not world-readable
  • Docker socket permissions
  • No sensitive files in /tmp

Scoring

ScoreRatingMeaning
90-100🟢 ExcellentProduction-ready
70-89🟡 GoodMinor improvements needed
50-69🟠 FairSeveral issues to address
0-49🔴 CriticalImmediate action required

Output Example

═══ Security Audit Report ═══
Date: 2026-02-15 00:30:00

[CONFIG] ✅ allowInsecureAuth: false
[CONFIG] ✅ dmPolicy: allowlist
[CONFIG] ✅ Ports bound to 127.0.0.1
[DOCKER] ✅ All containers bind to 127.0.0.1
[DOCKER] ⚠️  No resource limits on openclaw container
[SSH]    ✅ Root login disabled
[SSH]    ✅ Password auth disabled
[NET]    ✅ UFW active
[FILES]  ✅ Config file permissions OK

Score: 92/100 — 🟢 Excellent
Issues: 1 warning

Recommendations:
  1. Add resource limits to Docker containers

Credits

Built by M. Abidi | agxntsix.ai YouTube | GitHub Part of the AgxntSix Skill Suite for OpenClaw agents.

📅 Need help setting up OpenClaw for your business? Book a free consultation

Comments

Loading comments...