openclaw-triage-pro
Full incident response suite: investigate compromises, auto-contain threats, guided remediation, evidence export, post-incident hardening, and pre-built response playbooks. Cross-references all OpenClaw security tools for unified analysis. Everything in openclaw-triage (free) plus automated response.
Why use this skill?
Secure your OpenClaw workspaces with Triage Pro. Automated threat detection, forensic evidence collection, and rapid remediation for agent security.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/atlaspa/openclaw-triage-pro
What This Skill Does
OpenClaw Triage Pro is an advanced incident response suite designed specifically for OpenClaw agent workspaces. While the standard triage skill provides visibility into potential issues, the Pro version adds an active layer of defense. It automates the investigation, containment, and remediation lifecycle. When anomalous behavior is detected—such as unauthorized file modifications, unexpected skill behavior, or security tool alerts—Triage Pro acts as your automated security operations center. It provides forensic-grade evidence collection, automated threat containment, and guided remediation playbooks to ensure your workspace returns to a secure state with minimal downtime.
Installation
To install this skill, use the clawhub CLI within your terminal:
clawhub install openclaw/skills/skills/atlaspa/openclaw-triage-pro
Once installed, ensure your workspace permissions allow the script to access internal file structures and security logs.
Use Cases
- Automated Threat Containment: Automatically quarantine suspicious skills and lock down critical system files when a high-severity threat is detected.
- Forensic Investigation: Preserve the state of a compromised environment with cryptographically verifiable evidence collection (SHA-256) before starting recovery.
- Post-Incident Hardening: Use guided playbooks to identify configuration drift or vulnerabilities that allowed the incident to occur, effectively patching the root cause.
- Unified Security Analysis: Cross-reference telemetry from warden, ledger, and sentinel to build a high-fidelity timeline of adversarial actions.
Example Prompts
- "OpenClaw, I noticed some odd behavior in my workspace. Run a full triage investigation and tell me if any files have been compromised."
- "My last task failed with a security alert. Use Triage Pro to build an incident timeline and suggest a remediation path."
- "Evidence collection complete. Now, automate the quarantine of the affected skills and show me the blast radius of this breach."
Tips & Limitations
- Permissions: Because this tool performs file-write and quarantine operations, ensure it runs in a controlled environment where you understand the scope of its access.
- Backups: While Triage Pro creates read-only backups during lockdowns, always maintain off-site backups of critical configuration files.
- Performance: For very large workspaces, the timeline command can be resource-intensive; consider using the --hours flag to limit the scope to recent activity during initial investigations.
- Collaboration: Triage Pro logs are compatible with other OpenClaw tools; share the generated report with team members for unified incident response.
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-atlaspa-openclaw-triage-pro": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags (AI)
Flags: file-write, file-read, code-execution
Related Skills
openclaw-egress
Skill by atlaspa
cost-governor
Skill by atlaspa
openclaw-vault
Skill by atlaspa
openclaw-security
Unified security suite for agent workspaces. Installs, configures, and orchestrates all 11 OpenClaw security tools in one command — integrity, secrets, permissions, network, audit trail, signing, supply chain, credentials, injection defense, compliance, and incident response.
openclaw-warden
Skill by atlaspa