ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

HostGuard

v1.0.0

Check whether OpenClaw is listening beyond localhost or running with elevated privileges, then offer a conservative lockdown fix.

0· 259·0 current·0 all-time
by@tobewin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description (check listener binding + elevated privileges, offer conservative fix) match what the code and SKILL.md do. Declared requirements (whoami plus lsof or netstat) are consistent with inspecting privileges and network listeners. Declared config paths (.env.*) match the files the code reads.
Instruction Scope
SKILL.md instructs only to read specific env files, run lsof/netstat to inspect local listeners, and check elevation; the code follows that. The skill does not attempt to read unrelated system config, request external network endpoints, or exfiltrate data. The fix behavior is constrained to editing an existing HOST/OPENCLAW_HOST entry and creating a .bak backup, as documented.
Install Mechanism
No install spec (instruction-only with a code file). The implementation uses local system binaries (lsof/netstat/whoami) and Node APIs; there are no downloads or external package fetches in the provided code.
Credentials
The skill requests no secrets or environment variables. It reads only the declared env files (.env variants). The required binaries and file paths are proportional to the stated purpose.
Persistence & Privilege
The skill is not forced-always, does not claim permanent presence, and will only modify files when the explicit apply_lockdown_fix method is called. File modifications are limited to creating a .bak and editing the host entry in the specific env file (it will not add a host entry automatically).
Assessment
This skill reads your local .env files, runs local network/listener checks (lsof or netstat) and a user-identity check (whoami or process.getuid) to assess exposure and privileges. It will only edit a file if you explicitly invoke the lockdown fix; when it does, it creates a .bak backup and only replaces an existing HOST/OPENCLAW_HOST value with 127.0.0.1. Before installing, ensure you are comfortable allowing the agent to run local commands and read the listed .env files; review any proposed change before confirming the fix. If you need tighter control, run the skill manually rather than allowing autonomous invocation.

Like a lobster shell, security has layers — review code before you run it.

latestvk975nakfaa7w0v1s9bsmrecgm582g366

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🛡️ Clawdis
OSmacOS · Linux · Windows
Binswhoami
Any binlsof, netstat
Config.env, .env.local, .env.development, .env.production

Comments