Openclaw Vault

by AtlasPA · GitHub ↗ · v1.0.2
darwin · linux · win32 · ⚠ suspicious
1508 Downloads · 5 Stars · 5 Active Installs · 3 Versions
Install in OpenClaw
/install openclaw-vault
Description
Credential lifecycle security for agent workspaces. Audit credential exposure, detect misconfigured permissions, inventory all secrets, and identify stale credentials needing rotation. Free alert layer — upgrade to openclaw-vault-pro for automated remediation, credential rotation, and access control.
Usage Guidance
This skill appears to implement credential discovery and remediation and runs locally with only Python. However:
  1. The code contains modifying operations (fix-permissions, quarantine, protect) that are not fully reflected in the SKILL.md Commands section; treat those as potentially destructive until you inspect them.
  2. It will scan sensitive files (shell histories, keys, git history) in whatever workspace it targets (defaulting to OPENCLAW_WORKSPACE, cwd, or ~/.openclaw/workspace); point it only at a safe copy or test workspace first.
  3. Review scripts/vault.py (especially the implementations of quarantine, fix-permissions, protect, gitguard, rotate-check) before running to confirm behavior and where it writes/moves files.
  4. Run read-only commands (audit, exposure, inventory, status) first, and do not run remediation commands until you have backups and understand what changes will be made.
  5. Prefer obtaining this skill from a known repository/author, or verify the code hash if you must install it.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-vault
Version: 1.0.2
The OpenClaw Vault skill bundle is a credential lifecycle security tool designed to detect and remediate exposed secrets. Its Python script (`scripts/vault.py`) performs extensive local file system scanning, permission checks, and interacts with Git history via `subprocess.run`. While it possesses powerful capabilities like modifying file permissions (`os.chmod`, `icacls`) and moving files to a quarantine directory (`shutil.move`), these actions are explicitly for security hardening and remediation, not for malicious purposes. The skill explicitly states and adheres to 'No external dependencies' and 'No network calls', significantly reducing data exfiltration risk. There is no evidence of prompt injection attempts in `SKILL.md` or `README.md`, nor any clear shell injection vulnerabilities in the Python code's use of `subprocess.run` or `shutil.move`.
Capability Assessment
Purpose & Capability
Name/description (credential lifecycle auditing) matches the shipped script's capabilities (scanning permissions, history, git, configs, docker, staleness). Requiring only python3 is proportionate. However the repository and README advertise additional remediation/automation features and the included script exposes commands to change files (fix-permissions, quarantine, protect) that go beyond the read-only audit commands shown in SKILL.md's Commands section — this inconsistency should be explained by the author.
Instruction Scope
SKILL.md instructs running audit/exposure/inventory/status and documents local-only operation. The script itself (vault.py) includes additional subcommands that can modify or move files (fix-permissions, quarantine, unquarantine, protect, rotate-check, gitguard). The skill auto-detects a workspace via OPENCLAW_WORKSPACE / cwd / ~/.openclaw/workspace and will scan sensitive locations (shell histories, git, configs) — this is expected for an auditor but is invasive. SKILL.md does not declare OPENCLAW_WORKSPACE as a required env var, and the docs differ between README, SKILL.md, and the code, which increases the chance an agent or user will run a modifying command unintentionally.
Install Mechanism
No install spec — instruction-only with an included Python script. That is low-risk relative to arbitrary network installs. The code claims to use only Python stdlib and the file headers/imports shown are consistent with local-only operation (no obvious network libraries).
Credentials
The skill declares no required credentials or env vars. It does optionally read OPENCLAW_WORKSPACE for workspace auto-detection (documented in SKILL.md), which is reasonable. No unexpected cloud credentials or unrelated secrets are requested.
Persistence & Privilege
always:false (no forced persistent inclusion). The script can write to the filesystem (quarantine, fix-permissions, protect); those side-effectful commands are appropriate for remediation features but increase risk if invoked inadvertently. There's no evidence the skill modifies other skills or global agent configs.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-vault
  3. After installation, invoke the skill by name or use /openclaw-vault
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
openclaw-vault 1.0.2
- Removed the upgrade and "openclaw-vault-pro" promotion from documentation for a simpler, more neutral readme.
- SKILL.md and README.md are now focused solely on the core features offered in the open-source skill version.
- No functional changes to code logic; updates are documentation-only.
- Keeps all usage instructions and command references intact.
v1.0.1
- Documentation updates in README.md; no functional or logic changes.
- Clarifications and detailed explanations added for credential exposure vectors, audit process, and commands.
- Expanded sections on what the skill checks and info about workspace auto-detection.
v1.0.0
Initial release of openclaw-vault
- Provides credential lifecycle security for agent workspaces, going beyond simple source code secret detection.
- Audits credential exposure, misconfigured permissions, and inventories all secrets.
- Identifies stale credentials needing rotation, with exit codes indicating exposure severity.
- Runs locally with Python standard library only; no network or external dependencies.
- Includes free alerting layer with option to upgrade for automated remediation.
Metadata
Slug openclaw-vault
Version 1.0.2
License
All-time Installs 5
Active Installs 5
Total Versions 3
Frequently Asked Questions

What is Openclaw Vault?

Credential lifecycle security for agent workspaces. Audit credential exposure, detect misconfigured permissions, inventory all secrets, and identify stale credentials needing rotation. Free alert layer — upgrade to openclaw-vault-pro for automated remediation, credential rotation, and access control. It is an AI Agent Skill for Claude Code / OpenClaw, with 1508 downloads so far.

How do I install Openclaw Vault?

Run "/install openclaw-vault" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Openclaw Vault free?

Yes, Openclaw Vault is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Openclaw Vault support?

Openclaw Vault is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux, win32).

Who created Openclaw Vault?

It is built and maintained by AtlasPA (@atlaspa); the current version is v1.0.2.
