abaddon
Red team security mode for OpenClaw. Runs an adversarial audit on demand or nightly — checks exposed ports, credential leaks, file permissions, suspicious processes, and OpenClaw config posture. Assigns a letter grade. Built for macOS deployments.
Why use this skill?
Enhance your OpenClaw security with Abaddon, an adversarial auditing tool for macOS that identifies vulnerabilities, leaks, and misconfigurations with a letter-grade report.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/enochosbot-bot/abaddonWhat This Skill Does
Abaddon is the premier adversarial security auditing tool for OpenClaw environments on macOS. Unlike standard defensive monitoring, which merely checks if systems are currently locked, Abaddon proactively adopts an attacker's mindset. It performs deep, systemic audits to uncover vulnerabilities that an adversary would realistically exploit to gain persistence, lateral movement, or unauthorized access. The tool evaluates critical vectors including network exposure (listening ports, remote access tunnels), macOS system integrity (SIP, FileVault, Gatekeeper status), and OpenClaw-specific configuration posture. It rigorously audits file permissions, ensures sensitivity-laden files like AGENT_PROMPT.md and openclaw.json are properly secured (e.g., 600 or 444), and performs a comprehensive scan for plaintext API keys or secrets embedded within your workspace or git history. The output is a transparent, letter-graded report (A-F) that provides actionable remediation steps for every finding.
Installation
To install the skill, execute: clawhub install openclaw/skills/skills/enochosbot-bot/abaddon.
Once installed, follow these steps to secure your deployment:
- Integrate the prompt into your agent: Run
cat skills/abaddon/templates/abaddon-prompt.md >> ~/.openclaw/workspace/agents/observer/AGENT_PROMPT.md. If you lack a primary observer agent, initialize a standalone Abaddon agent. - Configure automated monitoring: Execute
bash skills/abaddon/setup/cron-seed.shto inject the nightly 3:45 AM CST assessment into your environment. - Secure the configuration: Run
chmod 600 ~/.openclaw/workspace/agents/observer/AGENT_PROMPT.mdto ensure your detection playbooks remain unreadable to unauthorized local actors.
Use Cases
Abaddon is essential for power users running OpenClaw with sensitive API keys, private LLM agents, or persistent local automations. It serves as your "Security-in-Depth" layer. Use it to:
- Regularly audit your attack surface to ensure no rogue plugins or tunnels have been installed.
- Validate that your secrets, such as API tokens, haven't leaked into configuration files or shell histories.
- Ensure system-level protections like XProtect and Gatekeeper are active.
- Receive automated notifications via Telegram when critical security posture regressions are detected.
Example Prompts
- "run full assessment"
- "Abaddon, show me the red team audit for today"
- "run red team scan and report back to the security channel"
Tips & Limitations
To maximize the effectiveness of Abaddon, ensure it has the appropriate access levels defined in your agent profile. Note that while Abaddon is highly capable at identifying misconfigurations, it is a diagnostic tool; it flags vulnerabilities but does not automatically "fix" system settings (like changing folder permissions) to avoid causing instability in your OpenClaw workflow. Always review the detailed memory/audits/abaddon-YYYY-MM-DD.md report before executing recommended remediations. Finally, ensure your Telegram integration is configured if you wish to receive the critical security alerts in real-time.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-enochosbot-bot-abaddon": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-read, file-write, code-execution, network-access