Token Safety Checker

Scan openclaw.json for plaintext secrets (tokens, API keys, passwords) and migrate them to environment variables using SecretRef. Use when the user asks to "...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
byxinyu@maoisdamao
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the included script and SKILL.md. The code scans openclaw.json, identifies likely secret fields, backs up the config, writes environment exports to the user's shell profile, and replaces values with SecretRef pointers — all exactly the advertised behavior.
Instruction Scope
Runtime instructions and the script keep operations local: scan reports only paths/lengths, migrate re-reads config from disk and masks outputs, and the workflow requires user confirmation before changing files. The script does write to shell profile files and modifies openclaw.json, which is expected for this task.
Install Mechanism
No install spec; this is an instruction-only skill with an included Python script. No remote downloads or package installs are requested by the skill itself.
Credentials
The skill declares no required credentials or environment variables. It reads the SHELL environment to detect the profile (reasonable for locating the user's shell profile). No unrelated secrets or external service credentials are requested.
Persistence & Privilege
The skill writes persistent changes to the user's shell profile and to openclaw.json (and creates a backup). This is expected for migrating secrets but is a meaningful file-system change—users should confirm and review before applying. The skill does not request permanent platform privileges (always:false).
Assessment
This tool is coherent with its stated purpose, but review and precaution are important:

1. Run the scan first and inspect the findings JSON; use --dry-run and confirm exactly which profile lines will be appended before migrating.
2. Understand the trade-off: secrets are moved into your shell profile as plain environment variables (stored on disk in plaintext and visible to any process that can read your environment). For higher security prefer SecretRef 'file' (a file with restricted permissions) or 'exec' (a password manager).
3. If your service runs under systemd or Docker, follow the SKILL.md instructions; sourcing a shell profile is not sufficient there.
4. Keep the backup (openclaw.json.bak) and test rollback if needed.
5. On a multi-user or managed host, consider not storing secrets in user shell profiles at all; inspect the script before running it to confirm it matches your risk tolerance.

Like a lobster shell, security has layers — review code before you run it.

Current version: v1.0.9
latest: vk970qmydyjhxe3gz75vpz4t8bx83y5pb


SKILL.md

Token Safety Checker

Scan openclaw.json for plaintext secrets and migrate them to environment variables via SecretRef. All operations run locally. Secret values are never passed as CLI arguments, never logged, and never appear in agent context.

Script

Single entry point: scripts/safeclaw.py

python3 safeclaw.py scan    [--config PATH]
python3 safeclaw.py migrate [--findings JSON] [--config PATH] [--profile PATH] [--dry-run] [--restore]

How secrets are protected

| Risk | Mitigation |
| --- | --- |
| Secret values in scan output | scan returns paths + lengths only, never values |
| Secret values in CLI args | migrate reads values from disk internally, never via a --values arg |
| Secret values in dry-run output | Masked as export VAR="***" |
| Secret values in agent context | findings JSON contains only path, env_var, length; safe to pass through SKILL |
| Secret values in logs | No logging of values at any point |

Workflow

1. Scan

python3 <skill_dir>/scripts/safeclaw.py scan [--config ~/.openclaw/openclaw.json]

Output (safe to use in agent context — no secret values):

{
  "findings": [
    { "path": "channels.discord.token", "env_var": "OPENCLAW_DISCORD_TOKEN", "length": 72 }
  ],
  "shell": { "name": "zsh", "profile": "~/.zshrc", "source_cmd": "source ~/.zshrc" }
}

Exit 0 = clean → report and stop. Exit 1 = findings → continue. Exit 2 = config not found.

2. Show findings to user and confirm

Present the findings table (path | env_var | length). Allow renaming env vars. Do not proceed without explicit confirmation.

3. Dry-run

python3 <skill_dir>/scripts/safeclaw.py migrate \
  --findings '<findings JSON from step 1>' \
  --dry-run

Show output to user. The script re-reads config from disk to verify findings are still current. Confirm before proceeding.

4. Migrate

python3 <skill_dir>/scripts/safeclaw.py migrate \
  --findings '<findings JSON from step 1>'

The script:

  1. Re-scans config from disk to confirm findings are still plaintext
  2. Backs up openclaw.json to openclaw.json.bak
  3. Reads secret values internally from disk (not from CLI args)
  4. Appends env exports to shell profile (skips duplicates, masks values in output)
  5. Replaces plaintext values with SecretRef in openclaw.json

5. Source profile + restart gateway

⚠️ Check how the gateway is managed:

Shell-launched (most local setups):

source <profile>
openclaw gateway restart

systemd: put the variables in a file referenced by EnvironmentFile= in the unit (or use Environment= lines). Sourcing a shell profile has no effect on a service, because it does not run through your login shell.

Docker: pass them with -e / --env-file, or under environment: in compose.

6. Verify

python3 <skill_dir>/scripts/safeclaw.py scan   # exit 0 = clean
openclaw gateway status

7. Rollback

python3 <skill_dir>/scripts/safeclaw.py migrate --restore

SecretRef format

{ "source": "env",  "provider": "default", "id": "MY_ENV_VAR" }
{ "source": "file", "provider": "default", "id": "/path/to/secret.txt" }
{ "source": "exec", "provider": "default", "id": "command --prints --secret" }

env is recommended for most setups. For higher-security environments, prefer file or exec.
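The scan / confirm / dry-run / migrate flow above, together with the SecretRef shape just shown, as an added example. This is not the skill's own scripts/safeclaw.py; it is a self-contained in-memory version written for this page. The key-name heuristic for spotting secrets, the OPENCLAW_<PATH> naming rule for env vars, the sample config and the shell-profile text are all assumptions made for illustration, and every value in the sample is a dummy.

```python
# Added example, not the skill's scripts/safeclaw.py: a minimal in-memory
# version of the scan -> confirm -> dry-run -> migrate flow described above.
# Assumptions (mine, not the project's): secrets are identified by a key-name
# heuristic, env var names are derived as OPENCLAW_<PATH>, and the config and
# shell profile are plain dicts/strings so everything runs offline.
import copy
import json
import re
import shlex

# Constructed sample openclaw.json content; the values are dummies, not real tokens.
SAMPLE_CONFIG = {
    "channels": {
        "discord": {"token": "dummy-discord-token-0123456789abcdef"},
        "slack": {"apiKey": "dummy-slack-key-abcdef"},
    },
    "gateway": {"port": 8080, "logLevel": "info"},
    "providers": {
        # Already migrated: a SecretRef must be left alone on re-scan.
        "openai": {"api_key": {"source": "env", "provider": "default", "id": "OPENAI_API_KEY"}}
    },
}

SECRET_KEY_RE = re.compile(r"token|secret|passw(or)?d|api[_-]?key", re.I)


def is_secret_ref(value):
    """True for the SecretRef shape shown on this page (env/file/exec + id)."""
    return isinstance(value, dict) and value.get("source") in {"env", "file", "exec"} and "id" in value


def env_var_name(path):
    """channels.discord.token -> OPENCLAW_DISCORD_TOKEN (naming rule is an assumption)."""
    parts = [p for p in path.split(".") if p not in ("channels", "providers")]
    return "OPENCLAW_" + "_".join(re.sub(r"[^A-Za-z0-9]", "_", p).upper() for p in parts)


def scan(config, prefix=""):
    """Return findings as {path, env_var, length} only; the value never leaves this function."""
    findings = []
    for key, value in config.items():
        path = f"{prefix}.{key}" if prefix else key
        if is_secret_ref(value):
            continue  # already a SecretRef, nothing to migrate
        if isinstance(value, dict):
            findings.extend(scan(value, path))
        elif isinstance(value, str) and value and SECRET_KEY_RE.search(key):
            findings.append({"path": path, "env_var": env_var_name(path), "length": len(value)})
    return findings


def _get(config, path):
    node = config
    for part in path.split("."):
        node = node[part]
    return node


def migrate(config, findings, dry_run=False):
    """Return (new_config, profile_lines, report).

    Values are read from the config object, never taken from the findings, and
    the report masks them so it is safe to show a user or an agent. Each finding
    is re-checked against the live config first (still a plaintext string of the
    recorded length), mirroring the re-scan step on this page.
    """
    new_config = copy.deepcopy(config)
    profile_lines, report = [], []
    for f in findings:
        try:
            value = _get(config, f["path"])
        except (KeyError, TypeError):
            report.append(f"skip {f['path']}: path no longer exists")
            continue
        if not isinstance(value, str) or len(value) != f["length"]:
            report.append(f"skip {f['path']}: not plaintext of the expected length (changed since scan?)")
            continue
        report.append(f'export {f["env_var"]}="***"')  # masked, safe to display
        if dry_run:
            continue
        profile_lines.append(f"export {f['env_var']}={shlex.quote(value)}")
        parent_path, _, leaf = f["path"].rpartition(".")
        parent = _get(new_config, parent_path) if parent_path else new_config
        parent[leaf] = {"source": "env", "provider": "default", "id": f["env_var"]}
    return new_config, profile_lines, report


def append_exports(profile_text, profile_lines):
    """Append exports to a shell profile, skipping variables it already exports."""
    existing = set(re.findall(r"^\s*export\s+([A-Za-z_][A-Za-z0-9_]*)=", profile_text, re.M))
    new = [ln for ln in profile_lines if ln.split("=", 1)[0].split()[1] not in existing]
    if not new:
        return profile_text
    return profile_text.rstrip("\n") + "\n" + "\n".join(new) + "\n"


if __name__ == "__main__":
    found = scan(SAMPLE_CONFIG)
    print(json.dumps({"findings": found}, indent=2))  # safe: no secret values
    _, _, preview = migrate(SAMPLE_CONFIG, found, dry_run=True)
    print("\n".join(preview))  # masked exports, as in the skill's dry-run
```

The length recorded at scan time doubles as a cheap staleness check: if the value on disk changed between scan and migrate, the finding is skipped rather than migrated blindly. Note that the real script writes the unmasked export lines to your profile, so the same on-disk exposure discussed in the assessment applies to profile_lines here.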

Files

5 total