safeclaw

Security compliance checker for MCP/LLM applications. Performs non-invasive security assessments on configuration files.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "safeclaw" with this command: npx skills add kaillera999/safeclaw

SafeClaw Security Checker

Perform security compliance checks on MCP/LLM application configurations.

Usage

When the user invokes this skill, run security checks on their configuration.

Basic Command

cd {baseDir}/../../ && uv run python main.py check --config "<config_path>" --format json

Arguments

  • config_path: Path to the configuration file to check (JSON/YAML/TOML)
  • If no path provided, use --auto to auto-discover config: 
    cd {baseDir}/../../ && uv run python main.py check --auto --format json

Execution Flow

  1. Determine config path:

    • If user provides a path, use it
    • If user wants auto-discovery, use --auto
    • If unsure, ask the user

  2. Run the check:

    cd {baseDir}/../../ && uv run python main.py check --config "<path>" --format json

  3. Parse JSON output: The output has this structure:

    {
  "summary": {
    "overall_status": "安全|注意|高危",
    "total": 10,
    "passed": 7,
    "failed": 3,
    "by_level": {"safe": 7, "attention": 2, "high_risk": 1}
  },
  "failed_results": [
    {
      "name": "检查项名称",
      "category": "安全类别",
      "level": "高危|注意",
      "message": "问题描述",
      "risk_description": "风险说明",
      "remediation": "整改建议",
      "fix_commands": ["command to fix"]
    }
  ]
}

  4. Report findings:

    • Show summary: X passed, Y attention items, Z high-risk
    • List high-risk items FIRST with remediation steps
    • List attention items with suggestions
    • If all passed, congratulate the user

Exit Codes

  • 0: All checks passed (safe)
  • 1: Attention items found
  • 2: High-risk items found

Example Config

Use {baseDir}/example-config.json as a reference template for users who need a starting point.

Categories Checked

CategoryDescription
配置与密钥Secrets in config, hardcoded credentials
权限File permissions, access controls
网络暴露Network bindings, CORS, exposed ports
插件安全MCP server security, plugin sources
日志与审计Logging configuration, audit trails
版本信息Version exposure, update status
OpenClaw安全OpenClaw-specific deployment security

Example Invocation

User: "/safeclaw check my config at ./config/mcp.json"

Response:

  1. Run: cd {baseDir}/../../ && uv run python main.py check --config "./config/mcp.json" --format json
  2. Parse results and present findings in a clear, actionable format

Tips

  • Always use --format json for machine-readable output
  • The skill runs from the skill directory, so use {baseDir}/../../ to reach project root
  • If the config file doesn't exist, suggest using the template at {baseDir}/templates/minimal-config.json

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

YiHui GITHUB MONITOR

Monitor multiple GitHub repos with configurable alert policies for releases, PRs, and security, sending low-noise notifications via scheduled cron jobs.

Registry SourceRecently Updated
001yihui
Security

YiHui HEALTHCHECK

Host security hardening and risk-tolerance configuration for OpenClaw deployments. Use when a user asks for security audits, firewall/SSH/update hardening, r...

Registry SourceRecently Updated
001yihui
Security

Git Secrets Scanner

Git 安全扫描器 - 检查提交中的敏感信息泄露(API keys、密码、token)

Registry SourceRecently Updated
1.5K0guohongbin-git
Security

Skeall Skill Builder

Agent Skills (SKILL.md) builder, auditor, and improver for cross-platform LLM agents. Use for "skeall", "build a skill", "create skill", "improve skill", "au...

Registry SourceRecently Updated
6890dorukardahan