Audit OpenClaw Security
Pass
Audited by ClawScan on May 1, 2026.
Overview
This is a coherent defensive OpenClaw security-audit helper, but it runs local diagnostics and handles sensitive deployment details that users should review before sharing.
This skill appears safe for its stated defensive purpose. Before installing or using it, be aware that its helper scripts collect local security diagnostics and write them to an audit folder. Run it only on systems you are authorized to assess, do not provide raw secrets, and review or redact all outputs before sharing them.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the collector can reveal local host, firewall, network, Docker, and OpenClaw deployment details in the generated audit folder.
The helper script runs broad local diagnostic commands, including network-listener, firewall, Docker, and OpenClaw audit commands. This is expected for a security audit and is read-only/best-effort, but users should notice the breadth before running it.
run_cmd "net_lsof_listen" lsof -nP -iTCP -sTCP:LISTEN ... run_cmd_maybe_sudo "linux_nft_ruleset" nft list ruleset ... run_cmd "openclaw_security_audit_deep_json" openclaw security audit --deep --json
Run it only on OpenClaw systems you own or administer, and review generated files before sharing them.
The audit may expose which OpenClaw profile, gateway auth mode, skills, plugins, and state paths exist on the machine.
The script uses the current user's local OpenClaw and filesystem access to inspect state-directory metadata and security-sensitive configuration settings. It does not copy credential files, but it does rely on local deployment authority.
STATE_DIR="${OPENCLAW_STATE_DIR:-$HOME/.openclaw}" ... run_cmd "openclaw_state_ls" ls -la "${STATE_DIR}" ... run_cmd "openclaw_config_gateway_auth_mode" openclaw config get gateway.auth.mode
Use it from an account authorized to administer the OpenClaw deployment, and do not share outputs that reveal sensitive account or environment details.
Shared audit output could disclose deployment topology, enabled tools, channel posture, or other sensitive operational metadata.
The workflow can bring detailed security-audit output into the agent conversation or generated reports. The skill includes redaction guidance, but users still need to review what they paste or upload.
Ask the user to run the following on the OpenClaw host and share the outputs ... openclaw status --deep ... openclaw security audit --deep --json
Prefer targeted reads and redacted outputs, use the bundled redaction script for full configs, and review all audit files before sharing them in chat or reports.
