ClawHub
Skill flagged — review recommended

ClawHub Security found sensitive or high-impact capabilities. Review the scan results before using.

SkillSentryOpenClaw's Always‑On Security Cop

OpenClaw security audit + prompt injection detector. Scans gateway/vulns/cron/PI patterns. Use for frenzy-proofing installs.

Audits

Suspicious
ClawScanSuspicious

Agentic behavior and permission review.

Static analysisPass

Pattern checks against bundled files.

VirusTotalPass

Multi-engine malware detections and file reputation.

Install

openclaw skills install skillsentry

SkillSentry

Purpose

Audit a local OpenClaw install for security posture and common prompt-injection indicators. Produces a JSON report for review and alerting.

Workflow

  1. Canvas present: Launch the panel server and present the UI.
  2. User config: Update config.yaml (scan frequency, alerts, sensitivity).
  3. Cron setup: Schedule scripts/audit.sh at the chosen cadence.
  4. Report/Alert: Review JSON output and alert if prompt-injection hits or unexpected open ports are found.

Usage

Panel (recommended)

node scripts/panel-server.js

Then present the UI:

  • canvas.presenthttp://localhost:8133 (Scan / Settings / Logs)

Config (CLI)

node scripts/config.js get
node scripts/config.js set Scan_freq daily alerts telegram sensitivity high

Audit (CLI)

bash scripts/audit.sh > report.json

Notes

  • Local-only scans; no network calls outside localhost.
  • Panel server is local and stores the last report at logs/last-report.json.
  • config.yaml defaults: Scan_freq=daily, alerts=telegram, sensitivity=high.
  • Safe for routine security checks and “frenzy-proofing”.

Contact: Jeffrey Coleman | smallbizailab79@gmail.com | Custom audits/enterprise.