Secucheck
by @jooneyp
Comprehensive security audit for OpenClaw. Scans 7 domains (runtime, channels, agents, cron, skills, sessions, network), supports 3 expertise levels, context-aware analysis, and visual dashboard. Read-only with localized reports.
clawhub install secucheckπ About This Skill
name: secucheck description: Comprehensive security audit for OpenClaw. Scans 7 domains (runtime, channels, agents, cron, skills, sessions, network), supports 3 expertise levels, context-aware analysis, and visual dashboard. Read-only with localized reports. tags: [security, audit, hardening, runtime, dashboard, prompt-injection]
secucheck - OpenClaw Security Audit
Comprehensive security audit skill for OpenClaw deployments. Analyzes configuration, permissions, exposure risks, and runtime environment with context-aware recommendations.
Summary
secucheck performs read-only security audits of your OpenClaw setup:
Never modifies configuration automatically. All fixes require explicit user confirmation.
Quick Start
Installation
clawhub install secucheck
Usage
Ask your OpenClaw agent:Expertise Levels
When prompted, choose your level: 1. Beginner - Simple analogies, no jargon 2. Intermediate - Technical details, config examples 3. Expert - Attack vectors, edge cases, CVEsAll levels run the same checksβonly explanation depth varies.
Dashboard
"show dashboard" / "visual report"
Opens an HTML report in your browser.Example Output
π Security Audit Resultsπ‘ Needs Attention
| Severity | Count |
|----------|-------|
| π΄ Critical | 0 |
| π High | 0 |
| π‘ Medium | 2 |
| π’ Low | 3 |
π‘ Agent "molty": exec + external content processing
...
Features
Agent Instructions
*Everything below is for the agent executing this skill.*
When to Use
Trigger this skill when:
Expertise Levels
| Level | Identifier | Style |
|-------|------------|-------|
| Beginner | 1, beginner | Analogies, simple explanations, no jargon |
| Intermediate | 2, intermediate | Technical details, config examples |
| Expert | 3, expert | Attack vectors, edge cases, CVE references |
Execution Flow
Step 1: Ask Level (before running anything)
Present options in user's language. Example (English):
What level of technical detail do you prefer?1. π± Beginner - I'll explain simply with analogies
2. π» Intermediate - Technical details and config examples
3. π Expert - Include attack vectors and edge cases
π All levels run the same checksβonly explanation depth varies.
STOP HERE. Wait for user response.
Step 2: Run Audit
bash ~/.openclaw/skills/secucheck/scripts/full_audit.sh
Returns JSON with findings categorized by severity.
Step 3: Format Output
Parse JSON output and format based on user's expertise level. Final report must be in user's language.
#### Report Structure (Organize by Category)
π Security Audit Resultsπ Summary Table
| Severity | Count |
|----------|-------|
| π΄ Critical | X |
| ...
β‘ Runtime
[findings related to RUNTIME category] π€ Agents
[findings related to AGENT category] π Workspace
[findings related to WORKSPACE category] π§© Skills
[findings related to SKILL category] π’ Channels
[findings related to CHANNEL category] π Network
[findings related to NETWORK category]
Group findings by their category field, not just severity.
Within each category, show severity icon and explain.
Step 4: Auto-Open Dashboard
After text report, automatically generate and serve dashboard:
bash ~/.openclaw/skills/secucheck/scripts/serve_dashboard.sh
The script returns JSON with url (LAN IP) and local_url (localhost).
Use the url field (not localhost) when telling the user β they may access from another device.
Example:
π λμ보λλ μ΄μμ΄μ: http://192.168.1.200:8766/secucheck-report.html
If running in environment where browser can be opened, use browser tool to open it.
Cross-Platform Support
Scripts run on Linux, macOS, and WSL. Check the JSON output for platform info:
{
"os": "linux",
"os_variant": "ubuntu",
"in_wsl": false,
"in_dsm": false,
"failed_checks": ["external_ip"]
}
Platform Detection
| Field | Values |
|-------|--------|
| os | linux, macos, windows, unknown |
| os_variant | ubuntu, arch, dsm, wsl, version string |
| in_wsl | true if Windows Subsystem for Linux |
| in_dsm | true if Synology DSM |
Handling Failed Checks
If failed_checks array is non-empty, run fallback commands based on platform:
#### Network Info Fallbacks
| Platform | Command |
|----------|---------|
| Linux | ip addr show or ifconfig |
| macOS | ifconfig |
| WSL | ip addr show (or check Windows via cmd.exe /c ipconfig) |
| Windows | PowerShell: Get-NetIPAddress |
| DSM | ifconfig or /sbin/ip addr |
#### Gateway Binding Fallbacks
| Platform | Command |
|----------|---------|
| Linux | ss -tlnp \| grep :18789 or netstat -tlnp |
| macOS | lsof -iTCP:18789 -sTCP:LISTEN |
| Windows | PowerShell: Get-NetTCPConnection -LocalPort 18789 |
#### File Permissions Fallbacks
| Platform | Command |
|----------|---------|
| Linux/macOS | ls -la ~/.openclaw |
| Windows | PowerShell: Get-Acl $env:USERPROFILE\.openclaw |
Windows Native Support
If os is windows and scripts fail completely:
1. Use PowerShell commands directly:
# Network exposure
Get-NetTCPConnection -LocalPort 18789 -State ListenFile permissions
Get-Acl "$env:USERPROFILE\.openclaw"Process info
Get-Process | Where-Object {$_.Name -like "*openclaw*"}
2. Report what you can check and note Windows-specific limitations.
Minimal Environments (Docker, DSM)
Some environments lack tools. Check output and supplement:
| Missing Tool | Fallback |
|--------------|----------|
| curl | wget -qO- |
| ss | netstat |
| ip | ifconfig or /sbin/ip |
| pgrep | ps aux \| grep |
Agent Decision Flow
1. Run full_audit.sh
2. Check "failed_checks" in output
3. For each failed check:
a. Identify platform from os/os_variant
b. Run platform-specific fallback command
c. Incorporate results into report
4. Note any checks that couldn't complete
Dashboard Generation
When user requests visual report:
bash ~/.openclaw/skills/secucheck/scripts/serve_dashboard.sh
Returns:
{
"status": "ok",
"url": "http://localhost:8766/secucheck-report.html",
"pid": 12345
}
Provide URL directly to user.
Detailed Check References
Read these only when deep explanation needed:
| File | Domain |
|------|--------|
| checks/runtime.md | Live system state |
| checks/channels.md | Channel policies |
| checks/agents.md | Agent permissions |
| checks/cron.md | Scheduled jobs |
| checks/skills.md | Installed skills |
| checks/sessions.md | Session isolation |
| checks/network.md | Network configuration |
Attack Scenario Templates
Use these for expert-level explanations:
| File | Scenario |
|------|----------|
| scenarios/prompt-injection.md | External content manipulation |
| scenarios/session-leak.md | Cross-session data exposure |
| scenarios/privilege-escalation.md | Tool permission abuse |
| scenarios/credential-exposure.md | Secret leakage |
| scenarios/unauthorized-access.md | Access control bypass |
Risk Levels
π΄ Critical - Immediate action required. Active exploitation possible.
π High - Significant risk. Should fix soon.
π‘ Medium - Notable concern. Plan to address.
π’ Low - Minor issue or best practice recommendation.
βͺ Info - Not a risk, but worth noting.
Risk Matrix
Tool Permissions
Minimal Full
ββββββββββββ¬βββββββββββ
Exposure β π’ β π‘ β
Low β Safe β Caution β
ββββββββββββΌβββββββββββ€
β π‘ β π΄ β
High β Caution β Critical β
ββββββββββββ΄βββββββββββExposure = Who can talk to the bot (DM policy, group access, public channels)
Tool Permissions = What the bot can do (exec, file access, messaging, browser)
Context-Aware Exceptions
Don't just pattern match. Consider context:
| Context | Adjustment | |---------|------------| | Private channel, 2-3 trusted members | Lower risk even with exec | | VPN/Tailscale only access | Network exposure less critical | | Self-hosted, single user | Session isolation less important | | Containerized environment | Privilege escalation less severe |
Always ask about environment if unclear.
Applying Fixes
CRITICAL RULES:
1. Never auto-apply fixes. Always show suggestions first. 2. Warn about functional impact. If a fix might break something, say so. 3. Get explicit user confirmation before any config changes.
Example flow:
Agent: "Changing this setting will disable exec in #dev channel.
If you're using code execution there, it will stop working.
Apply this fix?"
User: "yes"
Agent: [apply fix via gateway config.patch]
Language Rules
Auto-Review Triggers
Invoke automatically when:
1. Skill installation: clawhub install or manual addition
2. Agent creation/modification: New agent or tool changes
3. Cron job creation/modification: New or modified scheduled tasks
For auto-reviews, focus only on changed component unless full audit requested.
Quick Commands
| User Request | Action | |--------------|--------| | "check channels only" | Run channels.md check | | "audit cron jobs" | Run cron.md check | | "full audit" | All checks | | "more detail" | Re-run with verbose output |
Trust Hierarchy
Apply appropriate trust levels:
| Level | Entity | Trust Model | |-------|--------|-------------| | 1 | Owner | Full trust β has all access | | 2 | AI Agent | Trust but verify β sandboxed, logged | | 3 | Allowlists | Limited trust β specified users only | | 4 | Strangers | No trust β blocked by default |
Incident Response Reference
If compromise suspected:
Containment
1. Stop gateway process 2. Set gateway.bind to loopback (127.0.0.1) 3. Disable risky DM/group policiesRotation
1. Regenerate gateway auth token 2. Rotate browser control tokens 3. Revoke and rotate API keysReview
1. Check gateway logs and session transcripts 2. Review recent config changes 3. Re-run full security auditFiles Reference
~/.openclaw/skills/secucheck/
βββ SKILL.md # This file
βββ skill.json # Package metadata
βββ README.md # User documentation
βββ scripts/
β βββ full_audit.sh # Complete audit (JSON output)
β βββ runtime_check.sh # Live system checks
β βββ gather_config.sh # Config extraction (redacted)
β βββ gather_skills.sh # Skill security scan
β βββ gather_agents.sh # Agent configurations
β βββ serve_dashboard.sh # Generate + serve HTML report
β βββ generate_dashboard.sh
βββ dashboard/
β βββ template.html # Dashboard template
βββ checks/
β βββ runtime.md # Runtime interpretation
β βββ channels.md # Channel policy checks
β βββ agents.md # Agent permission checks
β βββ cron.md # Cron job checks
β βββ skills.md # Skill safety checks
β βββ sessions.md # Session isolation
β βββ network.md # Network exposure
βββ scenarios/
β βββ prompt-injection.md
β βββ session-leak.md
β βββ privilege-escalation.md
β βββ credential-exposure.md
β βββ unauthorized-access.md
βββ templates/
βββ report.md # Full report template
βββ finding.md # Single finding template
βββ summary.md # Quick summary template
Security Assessment Questions
When auditing, consider:
1. Exposure: What network interfaces can reach this agent? 2. Authentication: What verification does each access point require? 3. Isolation: What boundaries exist between agent and host? 4. Trust: What content sources are considered "trusted"? 5. Auditability: What evidence exists of agent's actions? 6. Least Privilege: Does agent have only necessary permissions?
Remember: This skill exists to make OpenClaw self-aware of its security posture. Use regularly, extend as needed, never skip the audit.
β‘ When to Use
π‘ Examples
Ask your OpenClaw agent:
Expertise Levels
When prompted, choose your level: 1. Beginner - Simple analogies, no jargon 2. Intermediate - Technical details, config examples 3. Expert - Attack vectors, edge cases, CVEsAll levels run the same checksβonly explanation depth varies.
Dashboard
"show dashboard" / "visual report"
Opens an HTML report in your browser.