Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenClaw Security Hardening Toolkit
v1.0.0Secures OpenClaw by auditing instance exposure, protecting credentials, verifying skill safety, enforcing gateway token access, and enabling session sandboxing.
⭐ 0· 24·0 current·0 all-time
by~K¹yle Million@thebrierfox
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md content is consistent with a security-hardening toolkit (network checks, secret rotation, verification checklist). However the registry metadata claims no required binaries or env vars while the runtime instructions assume many system tools (ss, curl, grep, openssl, python3, find, xargs) and an 'openclaw' CLI; that mismatch is unexpected and should be justified.
Instruction Scope
Instructions explicitly read and modify local configuration files (~/.openclaw/openclaw.json), search workspace files, move secrets to /etc/default/aegis, and restart the gateway. Those actions are within hardening scope but involve privileged file writes and service restarts; they also perform external network calls (ifconfig.me, curl) for reachability checks.
Install Mechanism
This is an instruction-only skill with no install spec or code files to write to disk, which reduces install-time risk. package.json only points entry to SKILL.md.
Credentials
The skill does not request environment variables or credentials from the registry metadata (none declared). The SKILL.md nevertheless enumerates many provider tokens that operators should rotate if found (GitHub, OpenAI, Stripe, Supabase, etc.). Listing these keys as things to audit is reasonable, but the skill does not request or require them explicitly — operators should understand the skill assumes the presence of such credentials on disk or in workspace files.
Persistence & Privilege
The instructions require (or recommend) editing system config (/etc/default/aegis), restarting services, and moving secrets into system paths — actions that typically need root or service-account privileges. The skill metadata does not declare this privilege requirement; granting those capabilities to an agent or running the checklist blindly could be risky.
What to consider before installing
This SKILL.md largely behaves like a legitimate hardening checklist, but before installing or running it: 1) note that the metadata lists no required binaries while the instructions call many system tools (ss, curl, openssl, python3, openclaw CLI). Confirm those tools exist and that the skill author intended that omission. 2) The checks and remediation steps will read/move config files and may require root (writing /etc/default/aegis, restarting the gateway). Back up openclaw.json and any affected files and test on a staging instance first. 3) Be aware the reachability test calls external services (ifconfig.me/curl) which reveals your public IP to a third party — run that step from a location you control or skip it if undesired. 4) Review the full SKILL.md yourself (or have a trusted admin do so) before permitting autonomous invocation: the instructions have the power to read many files and to write system-owned locations, so give the skill only the privileges and scope it needs. 5) What would raise confidence: author provenance (homepage or repo), an explicit list of required binaries and minimal privileges, and a dry-run mode that only reports findings without performing writes or restarts.Like a lobster shell, security has layers — review code before you run it.
latestvk9767jwvpjq6sz1zbzhg62xjr18463zh
License
MIT-0
Free to use, modify, and redistribute. No attribution required.