securityvitals
Security vitals checker, also known as ClawVitals. Scans your installation, scores your setup, and shows you exactly what to fix. First scan in seconds.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/bk-cm/securityvitalsWhat This Skill Does
The securityvitals skill, frequently referred to as ClawVitals, serves as a specialized diagnostic tool designed for self-hosted OpenClaw environments. It performs a comprehensive security audit of your installation by evaluating 6 stable security controls and 6 experimental controls. The output is a clear, actionable RAG (Red-Amber-Green) status report that identifies vulnerabilities and provides specific remediation steps to improve the overall security posture of your agent infrastructure.
This skill is built for system administrators and power users who require a high-level overview of their instance's health without constantly diving into raw log files. It aggregates data from critical system commands—including security audits, health checks, versioning, and node status—and distills them into a human-readable format.
Installation
To add this skill to your OpenClaw agent, execute the following command in your terminal or messaging surface:
clawhub install openclaw/skills/skills/bk-cm/securityvitals
Ensure that you have sufficient permissions to modify your local skill registry before proceeding. Once installed, the skill resides within your local environment and will be immediately available for invocation.
Use Cases
- Routine Security Hardening: Integrate this into your weekly maintenance routine to ensure your self-hosted setup hasn't drifted from recommended security configurations.
- Post-Update Verification: After performing a version upgrade, run the security scan to ensure no new misconfigurations or regressions were introduced during the update process.
- Troubleshooting Connectivity: Use the scan to quickly identify if underlying channel probes or node version incompatibilities are impacting your agent's communication stability.
- Pre-Audit Preparation: Get an immediate snapshot of your security controls before a more formal or manual audit of your server infrastructure.
Example Prompts
- "run clawvitals"
- "show clawvitals details"
- "Can you run a security scan and show me what to fix?"
Tips & Limitations
- Statelessness: The skill does not persist scan history. For recurring monitoring, visit the official clawvitals.io/plugin resource.
- Data Privacy: This skill is strictly local. It does not initiate network calls to third parties, ensuring your audit data remains within your perimeter. Note that some internal system commands (like update checks) may trigger their own native OpenClaw telemetry.
- Error Handling: If a system command fails during the data collection phase, the skill will gracefully report the specific area as 'N/A' rather than crashing or providing inaccurate, guessed information. Always verify remediation steps before applying major system changes.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-bk-cm-securityvitals": {
"enabled": true,
"auto_update": true
}
}
}Tags
Flags: file-read, code-execution
Related Skills
security-scanner
Scans OpenClaw skills for security vulnerabilities and suspicious patterns before installation
brand-butler-local-authority-engine
Brand Butler: Local Authority Engine — the white-glove SEO and AEO system for local service businesses. Use this skill immediately when the user asks about SEO rankings, backlinks, citations, site audits, Google Search Console indexing problems, competitor backlink analysis, directory submissions, schema markup, content placement articles, local map pack visibility, or AI answer engine optimization (Perplexity, ChatGPT, Google AI Overviews). Also triggers for any local business growth, online visibility, or 'why isn't my site ranking?' conversation. Works for agencies managing clients and business owners doing their own SEO. Covers HVAC, plumbing, electrical, law, dental, roofing, and any local service business. Built by Adrian Boysel.
agent-health-diagnostics
Diagnose and fix the 4 most common OpenClaw agent failures — heartbeat spam, API rate limit cascades, channel death loops, and memory/embedding errors. Battle-tested across a 6-agent multi-host deployment.
arc-shield
Output sanitization for agent responses - prevents accidental secret leaks
sealvera
Tamper-evident audit trail for AI agent decisions. Use when logging LLM decisions, setting up AI compliance, auditing agents for EU AI Act, HIPAA, GDPR or SOC 2, or when a user asks about AI decision audit trails, explainability, or SealVera.