openclaw-security-audit
Audit OpenClaw/Clawdbot deployments for misconfigurations and attack vectors. Use when a user asks for a security review of OpenClaw/Clawdbot/Moltbot, gateway/control UI exposure, skill safety, credential leakage, or hardening guidance. Produces a terminal report with OK/VULNERABLE findings and fixes.
Why use this skill?
Audit your OpenClaw and Clawdbot deployments for misconfigurations and security risks. Get a detailed, actionable report on hardening your system.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/misirov/openclaw-security-auditWhat This Skill Does
The openclaw-security-audit skill acts as a dedicated, read-only security auditor for OpenClaw, Clawdbot, and Moltbot deployments. It performs a comprehensive environmental scan to detect common misconfigurations, exposed interfaces, and potential attack vectors. By following a structured 5-step workflow, the agent inspects system processes, network sockets, service configurations, and authentication settings to generate a terminal-formatted report. Each finding is categorized as OK, VULNERABLE, or UNKNOWN, accompanied by specific evidence, security impact analysis, and actionable remediation steps. The skill operates under a strict principle of non-destruction, ensuring that no configuration files are modified, no processes are terminated, and no secrets are exfiltrated during the audit process.
Installation
To install this skill, run the following command in your terminal:
clawhub install openclaw/skills/skills/misirov/openclaw-security-audit
Use Cases
- Routine Security Hardening: Running an audit after initial deployment to ensure the gateway is not exposed to the public internet.
- Vulnerability Assessment: Checking if your current version is susceptible to known exploits like CSWSH (Cross-Site WebSocket Hijacking) or token leakage.
- Credential Leakage Checks: Identifying if sensitive configuration files are accessible with excessive permissions or if secrets are accidentally logged in plain text.
- Gateway Protection: Verifying that the OpenClaw control UI is protected by appropriate authentication and bound to local loopback interfaces.
Example Prompts
- "Run a full security audit on this host and let me know if my OpenClaw gateway is exposed to the public internet."
- "I'm worried about my Clawdbot security. Can you check for potential misconfigurations and provide a hardening guide?"
- "Perform a security scan and specifically verify if the control UI is vulnerable to token exfiltration."
Tips & Limitations
- Read-Only Constraint: The agent will never modify your system settings. It is designed to report, not remediate, to ensure you maintain full control over your environment.
- Data Privacy: This skill is built to redact sensitive information automatically. If the agent detects potential API keys or secrets in environment variables or config files, it will mask them in the generated report.
- Prerequisites: Ensure the agent has sufficient system privileges (e.g., sudo access or appropriate read permissions) to inspect network ports and read configuration files, or the audit results may be incomplete (marked as UNKNOWN).
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-misirov-openclaw-security-audit": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-read, network-access
Related Skills
ClawdStrike
Security audit and threat model for OpenClaw gateway hosts. Use to verify OpenClaw configuration, exposure, skills/plugins, filesystem hygiene, and to produce an OK/VULNERABLE report with evidence and fixes.
clawstrike
Security audit and threat model for OpenClaw gateway hosts. Use to verify OpenClaw configuration, exposure, skills/plugins, filesystem hygiene, and to produce an OK/VULNERABLE report with evidence and fixes.
clawstrike
Security audit and threat model for OpenClaw gateway hosts. Use to verify OpenClaw configuration, exposure, skills/plugins, filesystem hygiene, and to produce an OK/VULNERABLE report with evidence and fixes.