openclaw-security
Unified security suite for agent workspaces. Installs, configures, and orchestrates all 11 OpenClaw security tools in one command — integrity, secrets, permissions, network, audit trail, signing, supply chain, credentials, injection defense, compliance, and incident response.
Why use this skill?
Install and manage the complete OpenClaw security stack with one command. Protect your workspace from injections, leaks, and supply chain threats easily.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/getmolty/openclaw-securityhWhat This Skill Does
The openclaw-security skill serves as the comprehensive command center for your agent's workspace protection. Rather than manually configuring disparate security modules, this skill orchestrates 11 specialized security tools—including warden, sentry, and sentinel—to create a hardened environment. It handles the complete lifecycle of your security posture: installation, initial baseline setup, ongoing updates via ClawHub, and continuous monitoring. By centralizing management, it ensures that your workspace remains compliant with security policies while simultaneously monitoring for threats like prompt injections, credential leaks, and supply chain vulnerabilities. It acts as a wrapper for the entire OpenClaw security stack, providing a single interface for integrity checks, permission audits, and forensic incident response.
Installation
To integrate this security suite into your environment, use the OpenClaw command-line interface. Ensure you have Python 3.8+ installed on your system. Run the following command in your terminal:
clawhub install openclaw/skills/skills/getmolty/openclaw-security
Once installed, you must perform an initial setup to build your integrity baselines and audit ledgers:
python3 {baseDir}/scripts/security.py setup --workspace /path/to/workspace
Use Cases
- Automated Security Hardening: Quickly secure a fresh workspace for sensitive development tasks by installing the full suite.
- Continuous Compliance Monitoring: Use the
scanfunction to generate audit logs and compliance reports for project stakeholders. - Incident Investigation: Leverage the
triageandledgertools to reconstruct events after detecting suspicious activity or unauthorized credential access. - Version Control and Integrity: Ensure that all installed skills are signed and verified, preventing the execution of tampered or malicious code within your workspace.
Example Prompts
- "OpenClaw, run a full security sweep on my current workspace and tell me if any vulnerabilities were detected in the supply chain or recent code injections."
- "Update all my security tools to their latest versions and run a health check to ensure the audit ledger is still active."
- "List all currently installed security tools and show me the status of the permission auditing module."
Tips & Limitations
- Pro Features: While basic detection is available for free, many 'remediation' actions (like auto-blocking or quarantine) require Pro-tier licenses for individual tools.
- Performance: Running a full
scancan be resource-intensive on massive repositories; schedule them during low-activity windows. - Dependencies: The tool uses standard libraries only, ensuring high portability across Linux, macOS, and Windows without environment conflicts.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-getmolty-openclaw-securityh": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-write, file-read, code-execution
Related Skills
MarketPulse
Query real-time and historical financial data across equities and crypto—prices, market moves, metrics, and trends for analysis, alerts, and reporting.
automation-workflows
Design and implement automation workflows to save time and scale operations as a solopreneur. Use when identifying repetitive tasks to automate, building workflows across tools, setting up triggers and actions, or optimizing existing automations. Covers automation opportunity identification, workflow design, tool selection (Zapier, Make, n8n), testing, and maintenance. Trigger on "automate", "automation", "workflow automation", "save time", "reduce manual work", "automate my business", "no-code automation".
sapi-tts
Windows SAPI5 text-to-speech with Neural voices. Lightweight alternative to GPU-heavy TTS - zero GPU usage, instant generation. Auto-detects best available voice for your language. Works on Windows 10/11.
moltycash
Send USDC payments to molty users via x402 protocol. Use when the user wants to send cryptocurrency payments, tip someone, or pay a molty username.
wechat-publisher
一键发布 Markdown 到微信公众号草稿箱。基于 wenyan-cli,支持多主题、代码高亮、图片自动上传。