🎁 Get the FREE AI Skills Starter Guide β€” Subscribe β†’
BytesAgainBytesAgain
πŸ¦€ ClawHub

Openclaw Security Toolkit

by @hkall

Security guard for OpenClaw users. Audit configs, scan secrets, manage access, and generate security reports.

Versionv1.0.0
Downloads2,970
Installs13
TERMINAL
clawhub install openclaw-security-toolkit

πŸ“– About This Skill


name: "openclaw-security-guard" description: "Security guard for OpenClaw users. Audit configs, scan secrets, manage access, and generate security reports."

OpenClaw Security Guard

A comprehensive security tool for OpenClaw users to protect their AI assistant.

Features

  • πŸ” Security Audit - Comprehensive security configuration check
  • πŸ” Secret Scanner - Detect exposed API keys and tokens
  • πŸ‘₯ Access Control - Manage devices, users, and permissions
  • πŸ”‘ Token Manager - Rotate and validate tokens
  • πŸ“Š Security Report - Generate detailed security reports
  • πŸ›‘οΈ Hardening - Apply security best practices
  • Requirements

  • Python 3.6+
  • No external dependencies (uses stdlib)
  • Commands

    # Run security audit
    python3 {baseDir}/scripts/main.py audit

    Scan for secrets

    python3 {baseDir}/scripts/main.py scan

    Generate report

    python3 {baseDir}/scripts/main.py report --format md

    Check token status

    python3 {baseDir}/scripts/main.py token status

    Access control

    python3 {baseDir}/scripts/main.py access list

    Security hardening

    python3 {baseDir}/scripts/main.py harden --fix

    Quick status check

    python3 {baseDir}/scripts/main.py status

    Options

    --format, -f     Output format: json, md, table (default: table)
    --lang, -l         Language: en, zh (default: auto-detect)
    --quiet, -q              Quiet mode, only output results
    --verbose, -v            Verbose output
    --output, -o       Output file path
    --deep                   Deep scan mode
    --fix                    Auto-fix issues where possible
    

    Security Checks

    | Category | Checks | |----------|--------| | Config | Gateway bind, auth mode, token strength | | Secrets | API keys, tokens, passwords, private keys | | Access | Devices, users, channels, sessions | | Network | Public exposure, open ports |

    Examples

    # Full audit with auto-fix
    python3 {baseDir}/scripts/main.py audit --deep --fix

    Generate markdown report

    python3 {baseDir}/scripts/main.py report --format md -o security.md

    Scan for specific pattern

    python3 {baseDir}/scripts/main.py scan --pattern "sk-"

    List all paired devices

    python3 {baseDir}/scripts/main.py access devices

    Generate JSON report

    python3 {baseDir}/scripts/main.py report --format json

    Output Formats

    Table (default)

    πŸ” OpenClaw Security Guard v1.0.0
    ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

    πŸ“Š Security Score: 72/100 ⚠️

    πŸ”΄ HIGH RISK β€’ API Key exposed in config file Location: ~/.openclaw/openclaw.json:15

    JSON

    {
      "score": 72,
      "findings": [...]
    }
    

    Markdown

    # Security Report
    Score: 72/100
    

    Languages

  • English (en)
  • δΈ­ζ–‡ (zh)
  • Auto-detected based on system locale.

    License

    MIT

    Version

    v1.0.0

    πŸ’‘ Examples

    # Full audit with auto-fix
    python3 {baseDir}/scripts/main.py audit --deep --fix

    Generate markdown report

    python3 {baseDir}/scripts/main.py report --format md -o security.md

    Scan for specific pattern

    python3 {baseDir}/scripts/main.py scan --pattern "sk-"

    List all paired devices

    python3 {baseDir}/scripts/main.py access devices

    Generate JSON report

    python3 {baseDir}/scripts/main.py report --format json

    βš™οΈ Configuration

    --format, -f     Output format: json, md, table (default: table)
    --lang, -l         Language: en, zh (default: auto-detect)
    --quiet, -q              Quiet mode, only output results
    --verbose, -v            Verbose output
    --output, -o       Output file path
    --deep                   Deep scan mode
    --fix                    Auto-fix issues where possible