cyber-security-engineer
Security engineering workflow for OpenClaw privilege governance and hardening. Use for least-privilege execution, approval-first privileged actions, idle timeout controls, port + egress monitoring, and ISO 27001/NIST-aligned compliance reporting with mitigations.
Why use this skill?
Automate privilege governance, network monitoring, and compliance reporting with the Cyber Security Engineer skill for OpenClaw. Ensure NIST and ISO 27001 alignment.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/fletcherfrimpong/fletcher-cyber-security-engineerWhat This Skill Does
The cyber-security-engineer skill provides a robust, policy-driven framework for OpenClaw agents to manage privilege governance, network security, and compliance. By integrating directly into the OpenClaw runtime, this skill enforces the principle of least privilege, ensuring that non-root execution is the default. It mandates explicit user approval for any elevated tasks, scopes those elevations to specific command sets, and enforces automatic idle timeouts to minimize the window of vulnerability.
Beyond session management, the skill includes active monitoring of network exposure. It continuously scans listening ports against an approved baseline and audits outbound connections against a predefined egress allowlist. All security-sensitive events are logged to the OpenClaw security audit stream, and the agent provides real-time benchmarking against ISO 27001 and NIST frameworks. It acts as an automated security officer that prevents unauthorized root access and identifies configuration drift or insecure service exposure before they become exploits.
Installation
To integrate this security layer into your OpenClaw environment, execute the following command in your terminal:
clawhub install openclaw/skills/skills/fletcherfrimpong/fletcher-cyber-security-engineer
Ensure that you have initialized the OpenClaw runtime hooks via scripts/install-openclaw-runtime-hook.sh to enable persistent enforcement of the session guard and audit logging policies.
Use Cases
- Production Hardening: Automatically audit production server configurations to ensure only approved ports are listening.
- Privilege Governance: Restrict developer AI agents to non-root access, requiring human-in-the-loop approvals for emergency maintenance.
- Compliance Reporting: Generate automated audit-ready reports mapping technical controls to ISO 27001 and NIST requirements.
- Egress Control: Prevent unauthorized data exfiltration by blocking outbound connections to unverified external IP addresses or domains.
Example Prompts
- "Check current system security status and report any listening ports that are not in my approved_ports.json baseline."
- "I need to update the system kernel; please request elevated privileges, apply the security patch, and ensure the session is dropped immediately after."
- "Run a compliance assessment against the NIST standard and provide a list of mitigations for any identified vulnerabilities."
Tips & Limitations
- Tips: Always maintain the
egress-allowlist.template.jsonto include only necessary API endpoints to minimize your attack surface. Use thescripts/live_assessment.pytool daily to catch configuration drift before a formal audit. - Limitations: This skill does not perform external web searches or vulnerability scanning of third-party remote endpoints. It is strictly limited to the local host environment and the configured policy templates provided. It cannot prevent root access if an external user gains physical access to the machine or overrides the OpenClaw runtime hooks.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-fletcherfrimpong-fletcher-cyber-security-engineer": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-read, file-write, code-execution, network-access