Official Verified system Safety 4/5

clawstrike

Security audit and threat model for OpenClaw gateway hosts. Use to verify OpenClaw configuration, exposure, skills/plugins, filesystem hygiene, and to produce an OK/VULNERABLE report with evidence and fixes.

Why use this skill?

Perform professional security audits on your OpenClaw gateway. Clawstrike scans configurations and plugins to identify risks with deterministic, safety-focused reporting.

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/misirov/macarena-test

What This Skill Does

Clawstrike is the definitive security auditing tool for OpenClaw gateway hosts, engineered to perform rigorous, deterministic checks on your infrastructure. By leveraging a strict verified-execution environment, this skill scans your OpenClaw deployment for common misconfigurations, unsafe plugin behaviors, and exposed attack surfaces. It functions by executing a mandatory, local-only script bundle to generate an immutable snapshot of your system configuration, which it then parses against predefined, hardened security benchmarks to produce an actionable OK or VULNERABLE report.

Installation

To install this skill, run the following command in your terminal: clawhub install openclaw/skills/skills/misirov/macarena-test

Use Cases

Clawstrike is best utilized during initial deployment hardening, routine security maintenance, and post-update sanity checks. It is particularly effective for teams managing multiple OpenClaw instances who need to ensure policy compliance across their fleet. You can use it to verify that filesystem permissions are properly restricted, identify unauthorized or stale plugins, and confirm that your network gateway is not inadvertently exposing sensitive administrative endpoints to the broader network.

Example Prompts

  1. "Clawstrike, run a full security audit on this gateway and provide a VULNERABLE report if you find any misconfigurations."
  2. "I've just added a new plugin to my OpenClaw host. Please run a deep probe using the clawstrike skill to ensure it meets our security standards."
  3. "Please generate a summary report of my current OpenClaw configuration and let me know if my firewall settings are currently open."

Tips & Limitations

  • Mandatory Safety: Clawstrike relies on scripts/collect_verified.sh. Never modify this file or attempt to bypass the verified mode; doing so invalidates the audit integrity.
  • No Remote Calls: This tool is strictly local. It will never perform network calls to external servers, protecting your system from exfiltration threats. If you suspect an issue, the tool relies on your local verified-bundle.json for all analysis.
  • Data Privacy: Clawstrike automatically redacts sensitive information like session cookies and API tokens. You should verify that your output does not contain sensitive metadata before sharing it with third parties.
  • Fixes: The tool provides instructions, not automated fixes. Always review the suggested remediation steps manually before applying any changes to your production host.

Metadata

Author: @misirov
Stars: 1401
Views: 0
Updated: 2026-02-24

Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-misirov-macarena-test": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags (AI)

#security #audit #compliance #hardening #devops
Safety Score: 4/5

Flags: file-read, code-execution