openclaw-security
Unified security suite for agent workspaces. Installs, configures, and orchestrates all 11 OpenClaw security tools in one command — integrity, secrets, permissions, network, audit trail, signing, supply chain, credentials, injection defense, compliance, and incident response.
Why use this skill?
Orchestrate all 11 OpenClaw security tools with one skill. Automate integrity, secret detection, compliance, and incident response for your AI agent workspaces.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/dexiaong/openclaw-securityfWhat This Skill Does
The openclaw-security skill serves as the comprehensive orchestration engine for the entire OpenClaw security ecosystem. Rather than managing individual security modules, this skill allows users to maintain, scan, and update eleven specialized security tools—including warden, sentry, and arbiter—through a single, unified interface. It automates the complex task of workspace hardening by providing a centralized command-line wrapper that interacts with the integrity, compliance, and incident response layers of your AI environment. By utilizing this skill, you ensure that your agent workspace is consistently monitored for threats like prompt injection, unauthorized credential exposure, and supply chain vulnerabilities.
Installation
To integrate the security suite into your agent, use the official ClawHub package manager. Run the following command in your terminal:
clawhub install openclaw/skills/skills/dexiaong/openclaw-security
Once installed, you must initialize the workspace environment. Navigate to your project directory and run:
python3 {baseDir}/scripts/security.py setup --workspace /path/to/workspace
This command establishes the necessary cryptographic baselines, audit ledgers, and policy configurations required for the suite to function correctly.
Use Cases
This skill is essential for developers managing production AI agents that handle sensitive data or interact with external APIs. Use the scan function during your CI/CD pipeline to automatically catch insecure code or hardcoded credentials before deployment. During incident response scenarios, the triage and ledger components allow you to investigate unauthorized actions or breaches with high forensic fidelity. It is also ideal for compliance-heavy environments where auditing every permission change and system modification is a legal or operational requirement.
Example Prompts
- "OpenClaw, please run a full security scan on my current workspace to identify any potential credential leaks or permission vulnerabilities."
- "I need to verify the integrity of my agent installation; can you list all security tools and confirm they are updated to the latest versions?"
- "Run a comprehensive protect sweep on the workspace to ensure all Pro-level countermeasures are active and enforcing my security policies."
Tips & Limitations
To maximize the efficacy of openclaw-security, ensure you perform the initial setup command whenever moving to a new workspace. While the free version provides excellent detection capabilities, the automated remediation features—such as automatic credential rotation and quarantine—are locked behind the Pro version. Note that while this tool manages the orchestration, it relies on system-level permissions. Ensure your environment has the necessary access to perform file operations and network analysis, as these are critical for the egress and warden modules to function correctly. Always review the generated audit logs in the ledger periodically to monitor for subtle, long-term security drifts.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-dexiaong-openclaw-securityf": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-write, file-read, code-execution
Related Skills
omnicog
Universal service integration for OpenClaw — connect Reddit, Steam, Spotify, GitHub, Discord, and more with a single API.
chaterimo
AI Customer Service for Shopify & E-commerce - Query conversations, analyze chatbot performance, and manage your Chaterimo AI assistant
lulu-monitor
AI-powered LuLu Firewall companion for macOS. Monitors firewall alerts, analyzes connections with AI, sends Telegram notifications with Allow/Block buttons. Use when setting up LuLu integration, handling firewall callbacks, or troubleshooting LuLu Monitor issues.
gmail-client-PM
Read and send emails via Gmail. Use to list unread messages, read specific emails by ID, or send new emails.
arb-injection
BYOCB ArbInjectionSkill: Scan EVM smart contracts for arbitrary call injection vulnerabilities. Monitor chains in real-time or scan specific addresses.