openclaw-security-watchdog

Pass

Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: openclaw-security-watchdog
Version: 1.1.1

The bundle is a legitimate security auditing tool designed to perform system-wide health checks, monitor sensitive file changes, and audit agent behavior. While it possesses high-risk capabilities, such as scanning network ports, reading system logs, and uploading device identifiers (MAC address, hostname) and a list of installed skills to a remote threat intelligence service (auth.ctct.cn), these actions are core to its stated purpose. The tool demonstrates a high level of transparency: SKILL.md requires explicit user consent ('2 已了解', "2 Understood") before enabling data uploads, and the script openclaw-hybrid-audit-changeway.js specifically redacts sensitive data and excludes technical command details from the uploaded payload. Furthermore, the documentation in references/cron-setup.md explicitly warns against using the upload feature in automated tasks to protect user privacy.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the skill will execute local audit commands and may collect detailed local diagnostics into reports.

Why it was flagged

The script invokes local CLI/system commands to perform the audit. This is central to the stated purpose, but it means the skill can inspect local system state.

Skill content

result = spawnSync('openclaw', safeArgs, { stdio: 'pipe', encoding: 'utf-8', timeout: 30000 });

Recommendation

Run it only when you intend to perform a local security audit, and review the generated report path before sharing report contents.

What this means

If you choose full detection, the remote service can associate your device and installed Skills with a persistent identifier.

Why it was flagged

The optional --push mode sends device identifiers and the installed Skill inventory to the disclosed Changeway service. The instructions require explicit user confirmation and prohibit using --push in cron.

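Skill content

⚠️ --push high-risk notice: when enabled, device identifiers (MAC address, hostname, persistent agent_id) and the complete local Skill inventory are sent to the remote service

Recommendation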

Use the local-only mode for privacy-sensitive environments; choose --push only after reading the disclosure and do not add --push to scheduled jobs.

What this means

If enabled, the audit can run automatically every day and send a summary through the configured OpenClaw announcement channel.

Why it was flagged

The skill can guide the user to create a recurring OpenClaw cron task. The task is disclosed, user-selected, and explicitly excludes --push, but it is persistent automation.

Skill content

openclaw cron add ... --name "changeway-security-audit" ... --cron "45 23 * * *" ... --session "isolated"

Recommendation

Only configure the cron job if you want recurring scans, and use `openclaw cron list` or `openclaw cron remove` to review or remove it later.

What this means

Detailed audit artifacts may remain on disk and could reveal local security details to anyone with access to your OpenClaw state directory or backups.

Why it was flagged

The skill persists detailed reports, baselines, and a device identifier under the user's OpenClaw directory. This is disclosed and scoped to local storage.

Skill content

Local writes: scan reports are saved to ~/.openclaw/security-reports/ ... Skill hash baselines are saved to ~/.openclaw/skill-hashes/, and the device ID is saved to ~/.openclaw/.agent-id

Recommendation

Keep your home/OpenClaw directory protected, and delete old reports or the agent_id if you no longer want them retained.

What this means

Users may need to verify the publisher and dependencies manually before relying on the skill.

Why it was flagged

The registry metadata provides limited provenance and does not declare the Node.js/OpenClaw CLI runtime dependencies described in SKILL.md.

Skill content

Source: unknown; Homepage: none; Required binaries (all must exist): none

Recommendation

Review the included script and publisher identity, and confirm Node.js and the OpenClaw CLI are available before running the audit.