Cyber Security Engineer
by @fletcherfrimpong
Security engineering workflow for OpenClaw privilege governance and hardening. Use for least-privilege execution, approval-first privileged actions, idle tim...
clawhub install cyber-security-engineerπ About This Skill
name: cyber-security-engineer version: 0.1.9 description: Security engineering workflow for OpenClaw privilege governance and hardening. Use for least-privilege execution, approval-first privileged actions, idle timeout controls, port + egress monitoring, and ISO 27001/NIST-aligned compliance reporting with mitigations.
Cyber Security Engineer
Requirements
Required tools:
python3 (>= 3.8)openclaw CLI (installed via npm during bootstrap, or pre-installed)npm (only needed for bootstrap if openclaw is not already installed)lsof, ss, or netstat for port/egress checksstat, readlink (standard on macOS/Linux, used by the runtime hook installer)Env vars (all optional, documented for configuration):
OPENCLAW_REQUIRE_POLICY_FILES β set to 1 to block privileged execution when policy files are missingOPENCLAW_REQUIRE_SESSION_ID β set to 1 to require a task session id for each privileged actionOPENCLAW_TASK_SESSION_ID β per-task session id (used when OPENCLAW_REQUIRE_SESSION_ID=1)OPENCLAW_APPROVAL_TOKEN β if set, requires this token during the approval stepOPENCLAW_UNTRUSTED_SOURCE β set to 1 to flag the current content source as untrustedOPENCLAW_VIOLATION_NOTIFY_CMD β absolute path to a notifier binary (must also be allowlisted)OPENCLAW_VIOLATION_NOTIFY_ALLOWLIST β JSON array of allowed argv arrays, or comma-separated absolute pathsOPENCLAW_REAL_SUDO β override path to the real sudo binary (used by the runtime hook shim)OPENCLAW_PYTHON3 β override path to python3 (used by the runtime hook shim)OPENCLAW_CYBER_SKILL_DIR β override path to the skill directory (used by the runtime hook shim)OPENCLAW_ALLOW_NONINTERACTIVE_SUDO β set to 1 to allow non-interactive sudo through the shim (default: blocked)OPENCLAW_PRIV_REASON β human-readable reason passed to the guarded execution wrapperOPENCLAW_VIOLATION_NOTIFY_STATE β override path to the notification state fileOPENCLAW_SKIP_PLIST_CONFIRM β set to 1 to skip the interactive confirmation before modifying the macOS LaunchAgent plistPolicy files (admin reviewed):
~/.openclaw/security/approved_ports.json~/.openclaw/security/command-policy.json~/.openclaw/security/egress_allowlist.json~/.openclaw/security/prompt-policy.jsonImplement these controls in every security-sensitive task:
1. Keep default execution in normal (non-root) mode.
2. Request explicit user approval before any elevated command.
3. Scope elevation to the minimum command set required for the active task.
4. Drop elevated state immediately after the privileged command completes.
5. Expire elevated state after 30 idle minutes and require re-approval.
6. Monitor listening network ports and flag insecure or unapproved exposure.
7. Monitor outbound connections and flag destinations not in the egress allowlist.
8. If no approved baseline exists, generate one with python3 scripts/generate_approved_ports.py, then review and prune.
9. Benchmark controls against ISO 27001 and NIST and report violations with mitigations.
Runtime Hook (sudo shim)
The script scripts/install-openclaw-runtime-hook.sh installs an opt-in sudo
shim at ~/.openclaw/bin/sudo. This shim shadows the system sudo binary by
prepending ~/.openclaw/bin to PATH in the OpenClaw gateway process.
What it does:
sudo invocations and routes them through guarded_privileged_exec.py-h, --version, -k, -l) directly to real sudoWhat it does NOT do:
PATH includes ~/.openclaw/bin before /usr/binOpt-in: The hook is not installed by default. To enable it, run bootstrap with
ENFORCE_PRIVILEGED_EXEC=1. On macOS, the installer will prompt for confirmation
before modifying the gateway LaunchAgent plist. The shim can be removed at any time
by deleting ~/.openclaw/bin/sudo.
File Writes
This skill writes only to ~/.openclaw/ and the assessments/ directory inside the
skill folder. No files are written outside these two trees.
Under ~/.openclaw/ (user config/state):
~/.openclaw/security/approved_ports.json β generated port baseline (by generate_approved_ports.py)~/.openclaw/security/root-session-state.json β elevated session state (by root_session_guard.py)~/.openclaw/security/privileged-audit.jsonl β append-only audit log (by audit_logger.py)~/.openclaw/security/violation-notify-state.json β notification diff state (by notify_on_violation.py)~/.openclaw/bin/sudo β opt-in sudo shim (by install-openclaw-runtime-hook.sh, see Runtime Hook section)~/.openclaw/logs/cyber-security-engineer-auto.log β auto-cycle run log (by auto_invoke_cycle.sh)Under assessments/ (inside skill directory):
assessments/openclaw-assessment.json β compliance check resultsassessments/compliance-summary.json β structured summary for tools/integrationsassessments/compliance-dashboard.html β human-readable report pageassessments/port-monitor-latest.json β latest open-port scan outputassessments/egress-monitor-latest.json β latest outbound connection scan outputTemporary files:
tempfile.NamedTemporaryFile (by generate_approved_ports.py) β auto-cleanedNo files are written to /usr/, /etc/, or any system directory.
Non-Goals (Web Browsing)
Files To Use
references/least-privilege-policy.mdreferences/port-monitoring-policy.mdreferences/compliance-controls-map.jsonreferences/approved_ports.template.jsonreferences/command-policy.template.jsonreferences/prompt-policy.template.jsonreferences/egress-allowlist.template.jsonscripts/preflight_check.pyscripts/root_session_guard.pyscripts/audit_logger.pyscripts/command_policy.pyscripts/prompt_policy.pyscripts/guarded_privileged_exec.pyscripts/install-openclaw-runtime-hook.shscripts/port_monitor.pyscripts/generate_approved_ports.pyscripts/egress_monitor.pyscripts/notify_on_violation.pyscripts/compliance_dashboard.pyscripts/live_assessment.pyBehavior
OPENCLAW_UNTRUSTED_SOURCE=1 + prompt policy).OPENCLAW_REQUIRE_SESSION_ID=1).~/.openclaw/security/privileged-audit.jsonl (best-effort).Output Contract
When reporting status, include:
check_id(s) affected, status, risk, and concise evidence.