🎁 Get the FREE AI Skills Starter Guide β€” Subscribe β†’
BytesAgainBytesAgain
BytesAgain β€Ί Skills β€Ί Config Security Scanner
πŸ¦€ ClawHub

Config Security Scanner

by @zoowii

Security expert for OpenClaw deployments. Audits local configuration files for vulnerabilities in network settings, channel policies, and tool permissions. P...

Versionv1.0.5
Installs1
#devops#legal
⚑ When to Use
TriggerAction
- User requests security audit: "scan my OpenClaw for security issues"
- After initial setup to verify security posture
- Before exposing OpenClaw to production/multi-user environments
- After major configuration changes
- Periodic security health checks (recommended: weekly)
- User reports suspicious activity
πŸ’‘ Examples

Basic Security Scan

User: "Scan my OpenClaw for security issues"

Assistant runs: 

openclaw security-scan --output security_report.md

Output: 

βœ… Network config analysis: 2 issues found
βœ… Channel audit: 1 unsafe policy found  
βœ… Permission analysis: 3 excessive permissions
Risk Level: HIGH
Report saved to: security_report.md

Targeted Channel Audit

User: "Check if my Telegram configuration is safe"

Assistant runs: 

openclaw security-scan --channels --output telegram_audit.md

Weekly Security Check

Add to HEARTBEAT.md: ```markdown

πŸ“‹ Tips & Best Practices

Config Not Found

[WARN] No config file found

Solution: Ensure OpenClaw config exists at one of:

  • ~/.openclaw/openclaw.json (primary)
  • ~/.openclaw/config.json
  • ~/.openclaw/gateway.config.json
  • /etc/openclaw/openclaw.json
  • Or set the OPENCLAW_CONFIG environment variable to a custom path

    • Permission Denied

    Error: [Errno 13] Permission denied

    Solution: Run with appropriate permissions or check file ownership.

    View on ClawHub
    TERMINAL
    clawhub install scanner-for-openclaw

    πŸ§ͺ Use this skill with your agent

    Most visitors already have an agent. Pick your environment, install or copy the workflow, then run the smoke-test prompt above.

    Manus
    Task-oriented agent. Great for testing AI skills end-to-end.
    Try Manus β†’
    OpenClaw
    Local-first agent. Install skills via ClawHub CLI.
    Set up OpenClaw β†’
    Claude Code
    Anthropic's coding agent. Paste the prompt or SKILL.md into your session.
    Claude Code docs β†’
    Cursor
    AI-powered IDE. Use the smoke-test prompt in Cursor Agent.
    Open Cursor β†’
    Continue.dev
    Open-source AI code assistant. Add SKILL.md as a custom tool.
    Continue docs β†’
    Windsurf
    Agentic IDE by Codeium. Paste the prompt into Cascade.
    Try Windsurf β†’
    Cline
    VS Code extension for autonomous coding with MCP tools.
    Cline on GitHub β†’
    Copilot Workspace
    GitHub's AI dev environment. Suitable for code-generation skills.
    Copilot Workspace β†’

    πŸ” Can't find the right skill?

    Search 60,000+ AI agent skills β€” free, no login needed.

    Search Skills β†’