security-scanner

Run a comprehensive local security scan on your OpenClaw installation. Checks config, network exposure, credentials, OS hardening, and agent guardrails. Scores your setup and offers auto-fixes. Everything stays local — no data leaves your machine.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "security-scanner" with this command: npx skills add Jkahn-tr/openclaw-security-scanner

Security Scanner

Run a local security assessment on any OpenClaw installation.

Usage

The skill provides a bash script that scans your OpenClaw setup and reports findings with severity levels.

Quick scan (read-only)

bash "$(dirname "$0")/oc-security-scan.sh"

Auto-fix issues

bash "$(dirname "$0")/oc-security-scan.sh" --fix

Save a report

bash "$(dirname "$0")/oc-security-scan.sh" --report

JSON output

bash "$(dirname "$0")/oc-security-scan.sh" --json

What It Checks

  • OpenClaw Configuration — bind address, token strength, config permissions, exec security mode
  • Network Exposure — listening ports, firewall status, public interface exposure
  • Credential Hygiene — plaintext secrets, file permissions, .gitignore patterns
  • OS Hardening — disk encryption, auto-updates, OS version, root usage
  • Agent Guardrails — RULES.md, memory file permissions, safety constraints

Output

Color-coded terminal output with severity levels:

  • 🔴 CRITICAL — immediate action required
  • 🟡 WARNING — should be addressed
  • 🟢 PASS — looks good
  • ⚪ INFO — informational

Ends with a security score out of 100 (A-F grade).

Security Philosophy

  • Local only — zero external network calls, nothing phones home
  • Read-only by default — only modifies files when --fix is explicitly passed
  • Owner-operated — designed to be run by the OpenClaw owner on their own machine
  • No dependencies — standard unix tools + openclaw CLI only

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

GI Code Review

Review code for quality, security, and maintainability following team standards. Use when reviewing pull requests, examining code changes, or when the user a...

Registry SourceRecently Updated
70laimiaohua
Security

Aws Security

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. my arsenal of aws security tools, shell, auditing, aws-infrastructure,...

Registry SourceRecently Updated
980Profile unavailable
Security

Moses Modes

MO§ES™ Governance Modes — Injects behavioral constraints from the active mode into all agent prompts. 8 modes: high-security, high-integrity, creative, resea...

Registry SourceRecently Updated
880Profile unavailable
Security

Adversarial Robustness Toolbox

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poiso adversarial robustness toolbox, python, adversarial-atta...

Registry SourceRecently Updated
1190Profile unavailable