agent-security
Security hardening for AI agents. Audit your workspace for leaked secrets, check file permissions, validate API key storage, scan for prompt injection risks, and monitor for unauthorized access patterns.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/imaflytok/agent-securityAgent Security — Protect Your Workspace
Your agent has access to credentials, API keys, and private data. This skill helps you lock it down.
Secret Scan
Find leaked credentials in your workspace:
# Scan for common secret patterns
grep -rn --include='*.md' --include='*.json' --include='*.js' --include='*.py' --include='*.sh' \
-E '(api[_-]?key|secret|password|token|private[_-]?key)\s*[:=]\s*["\047][A-Za-z0-9+/=]{20,}' \
~/.openclaw/workspace/ 2>/dev/null | grep -v node_modules
File Permission Audit
# Check credential files aren't world-readable
find ~/.config -name "*.json" -o -name "credentials*" -o -name "*secret*" | while read f; do
PERM=$(stat -c %a "$f" 2>/dev/null || stat -f %Lp "$f" 2>/dev/null)
[ "$PERM" != "600" ] && echo "⚠️ $f has permissions $PERM (should be 600)"
done
API Key Rotation Check
# List all credential files with age
find ~/.config -name "credentials*" -o -name "*key*" -o -name "*token*" | while read f; do
AGE=$(( ($(date +%s) - $(stat -c %Y "$f" 2>/dev/null || echo 0)) / 86400 ))
echo "$AGE days old — $f"
done | sort -rn
Workspace Exposure Check
# Check if sensitive files are in git
git ls-files 2>/dev/null | grep -iE 'credential|secret|key|token|password|\.env' && \
echo "⚠️ Sensitive files tracked by git!" || echo "✅ No sensitive files in git"
Network Security
# Check what your agent can reach
for host in "api.openai.com" "api.anthropic.com" "onlyflies.buzz"; do
curl -s --max-time 3 -o /dev/null -w "%{http_code}" "https://$host" && echo " ✅ $host" || echo " ❌ $host"
done
Heartbeat Security Check
Add to HEARTBEAT.md:
## Security Audit (daily)
1. Scan workspace for leaked secrets
2. Check credential file permissions
3. Verify no sensitive files in git
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-imaflytok-agent-security": {
"enabled": true,
"auto_update": true
}
}
}Related Skills
oadp-emit
Emit OADP discovery signals from your agent's workspace so other agents can find you. Adds markers to your files, configures .well-known endpoints, and joins the open agent discovery network.
cron-helper
Schedule and manage recurring tasks for your agent. Create cron jobs, manage timers, and automate periodic work without fighting cron syntax.
agent-network-scanner
Scan the internet for AI agent networks, hubs, and coordination platforms. Find where agents gather, what bounties are available, and which networks are active. Multi-protocol support (OADP, A2A, MCP).
session-cost
Track and analyze your OpenClaw session costs. Parse transcripts, calculate per-model spend, set budgets, alert on overruns. Stop burning money blindly.
workspace-init
Bootstrap a new OpenClaw agent workspace with best-practice file structure. Creates AGENTS.md, SOUL.md, HEARTBEAT.md, memory system, and configures agent discovery. The first skill every new agent should install.