secucheck
Comprehensive security audit for OpenClaw. Scans 7 domains (runtime, channels, agents, cron, skills, sessions, network), supports 3 expertise levels, context-aware analysis, and visual dashboard. Read-only with localized reports.
Why use this skill?
Perform comprehensive read-only security audits on your OpenClaw deployment. Analyze agents, runtime, and network risks with customizable expertise levels.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/jooneyp/secucheck
What This Skill Does
The secucheck skill provides a comprehensive, read-only security audit for OpenClaw environments. Designed for proactive defense, it meticulously inspects seven critical domains of your deployment: Runtime, Channels, Agents, Cron Jobs, Skills, Sessions, and Network configurations. By performing context-aware analysis, the agent evaluates your specific setup—whether you are running in a containerized environment, behind a VPN, or as a single-user instance—to identify potential misconfigurations or exposure risks.
Unlike automated repair tools, secucheck acts strictly as an analytical advisor. It generates detailed, localized reports and visual dashboards without ever modifying your system files, ensuring that all security remediation remains under your direct human control.
Installation
To add secucheck to your OpenClaw agent, use the clawhub CLI utility. Ensure your environment is active and run the following command in your terminal:
clawhub install openclaw/skills/skills/jooneyp/secucheck
Once installed, the agent will have the ability to run audits upon your request or automatically after significant system changes.
Use Cases
secucheck is essential for administrators who prioritize the integrity of their AI workflows. It is particularly valuable during:
- Routine Health Checks: Periodic audits (recommended weekly) to ensure that no drift in security posture has occurred.
- Deployment Changes: Running an audit immediately after installing new skills or modifying agent permissions.
- Threat Modeling: Using the 'Expert' expertise level to simulate how an attacker might exploit current agent or network configurations.
- Compliance Reporting: Leveraging the generated HTML dashboard and localized reports for documentation and security review sessions.
Example Prompts
- "Run a full security audit of the system, please."
- "Perform a secucheck and show me the visual dashboard."
- "Do a security scan using the Expert mode to check for potential attack vectors."
Tips & Limitations
- Safety First: This tool is strictly read-only. It will highlight potential vulnerabilities but will never modify or 'fix' your configurations without your explicit confirmation.
- Expertise Levels: Choose your level wisely. The Beginner level is excellent for high-level oversight, while the Expert level provides deep-dive technical insights into CVEs and specific system vulnerabilities.
- Dashboard: Always run "show dashboard" after an audit to visualize your security score and identify specific hotspots that require attention.
- Scope: While extensive, always ensure your underlying infrastructure (OS, kernel, etc.) is patched independently, as secucheck focuses primarily on the OpenClaw agent ecosystem.
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-jooneyp-secucheck": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags
Flags: file-read
Related Skills
doctorbot-ci-validator
Stop failing in production. Validate your GitHub Actions, GitLab CI & Keep workflows offline with surgical precision. Born from Keep bounty research, perfected for agents.
arc-shield
Output sanitization for agent responses - prevents accidental secret leaks
AURA Security Scanner
Scan AI agent skills for malware, credential theft, prompt injection, and dangerous permissions before installing them
sbom-explainer
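Translates a dependency manifest or SBOM into a risk explanation that non-technical readers can follow, ordered by scope of impact; use for sbom, dependencies, risk workflows; do not use for forging CVE status or replacing professional vulnerability scanning.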
securityvitals
Security vitals checker for OpenClaw. Scans your installation, scores your setup, and shows you exactly what to fix. First scan in seconds.