openclaw-security-guard

Security audit CLI + live dashboard for OpenClaw. Scans for secrets, config issues, prompt injections, vulnerable dependencies, and unverified MCP servers. Zero telemetry.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "openclaw-security-guard" with this command: npx skills add miloudbelarebia/openclaw-security-guard

OpenClaw Security Guard

The missing security layer for your OpenClaw installation.

What it does

Run openclaw-guard audit to scan your OpenClaw setup across 5 categories:

  • Secrets Scanner -- Detects API keys, tokens, passwords across 15+ formats + entropy analysis
  • Config Auditor -- Checks sandbox mode, DM policy, gateway binding, rate limiting
  • Prompt Injection Detector -- 50+ patterns: instruction overrides, role hijacking, jailbreaks
  • Dependency Scanner -- npm CVE scanning
  • MCP Server Auditor -- Allowlist-based verification of installed MCP servers

Quick start

npm install -g openclaw-security-guard

# Full audit
openclaw-guard audit

# Fix issues automatically (with backup)
openclaw-guard fix --auto

# Launch live dashboard
openclaw-guard dashboard

Features

  • Security Score (0-100) -- one number for your security posture
  • Auto-hardening -- interactive, automatic, or dry-run modes
  • Live dashboard -- real-time monitoring at localhost:18790
  • Pre-commit hooks -- catch secrets before they're committed
  • Multi-language -- English, French, Arabic
  • Zero telemetry -- no tracking, no network requests, 100% local

Links

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Flue — Desktop Software Bridge

Flue is a lightweight bridge enabling command-line control of professional desktop software by executing scripts inside the app's automation runtime and retu...

Registry SourceRecently Updated
510sfkislev
Security

Trent OpenClaw Security Assessment

Assess your Agent deployment against security risks using Trent.

Registry SourceRecently Updated
36510Profile unavailable
Security

TrustBoost PII Sanitizer

Sanitizes PII from text before sending to LLMs. Use when handling user-generated text that may contain sensitive data, when privacy compliance is required (G...

Registry SourceRecently Updated
1350Profile unavailable
Security

Agent Causal

Helps decide to ship, continue, or roll back changes from A/B test and DiD data by providing statistical analysis, decisions, and audit trails.

Registry SourceRecently Updated
900Profile unavailable