ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified system Safety 5/5

mfa-word

Challenges the user for a secret word before allowing access to sensitive files or system commands.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/cenralsolution/mfa-word
Or

What This Skill Does

The MFA Word skill acts as a robust security gatekeeper for your OpenClaw agent, introducing a layer of verification before any sensitive operations are performed. By implementing a secret word challenge, it ensures that unauthorized parties cannot leverage your AI agent to access critical files or execute system commands. The skill supports two operational modes: Standard Mode, which grants a 15-minute window of access, and the Dead Man's Switch mode, which requires re-authentication after every single sensitive action. It is designed for users who prioritize security in their AI-assisted workflows and want to protect sensitive assets like environment variables, SSH keys, or administrative configuration files.

Installation

You can integrate this skill into your environment by executing the following command in your OpenClaw terminal:

clawhub install openclaw/skills/skills/cenralsolution/mfa-word

Once installed, you must initialize the skill using the initialize_mfa tool. You will need to define your primary secret word, an emergency super-secret word for password resets, and the list of sensitive patterns (e.g., ".env", "password", "sudo").

Use Cases

  • Developer Workspaces: Automatically lock access to local .env files or database connection strings to prevent accidental leakage in shared environments.
  • System Administration: Protect administrative commands and sensitive system configuration files from being triggered inadvertently during general AI chats.
  • High-Security Environments: Use the Dead Man's Switch to ensure that every individual command modifying sensitive data is manually confirmed by the user.

Example Prompts

  1. "OpenClaw, read the .env file in this directory to configure the project environment."
  2. "Display the contents of my current SSH config to check the host definitions."
  3. "Please execute the sudo command to update the local package repository."

Tips & Limitations

  • Secret Management: Always choose a strong, unique secret word. If you forget your primary secret, use the reset_mfa tool with your super-secret word.
  • Time-outs: Remember that in Standard Mode, your session will automatically lock after 15 minutes of inactivity. You will need to provide the secret word again to regain access to sensitive commands.
  • Pattern Matching: Be specific when defining your sensitive_list. Overly broad patterns may lead to unnecessary friction, while vague patterns might leave some files unprotected.
Read Full Documentation on GitHub

Metadata

Author@cenralsolution
Stars3951
Views1
Updated2026-04-09
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-cenralsolution-mfa-word": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags(AI)

#security#mfa#authentication#privacy#access-control
Safety Score: 5/5

Flags: file-read

Related Skills

Google Suite

Skill by cenralsolution

cenralsolution 3951

secretary

Secure M365 Assistant for Triage, Calendar coordination, and Governance.

cenralsolution 3951