← Back to Skills Marketplace

Security Audit

Name: Security Audit
Author: sunt23310-ops

by sunt23310-ops · GitHub ↗ · v1.0.0 · MIT-0

macoslinux ⚠ suspicious

311

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install clawgears-security-audit

Description

Comprehensive OpenClaw security audit — checks gateway binding, credential exposure, channel policies, tool sandboxing, network/IP leaks, and macOS system se...

README (SKILL.md)

OpenClaw Security Audit

Run a comprehensive security audit on your local OpenClaw installation. Covers 6 security domains mapped to MITRE ATLAS threat categories.

When to Use

User asks to "check security", "audit my openclaw", "is my config secure?"
User mentions concerns about API key leaks, exposed ports, or privacy
After changing OpenClaw configuration (gateway, channels, tools, etc.)
User wants a security report (HTML or JSON)

When NOT to Use

General system security questions unrelated to OpenClaw
User is asking about a different application
User just wants to know what OpenClaw is

Setup

Check if the audit tool is installed:

ls ~/openclaw-security-audit/audit.sh 2>/dev/null || echo "NOT_INSTALLED"

If not installed, clone it:

git clone https://github.com/sunt23310-ops/openclaw-security-audit.git ~/openclaw-security-audit

Running Checks

AUDIT_DIR="$HOME/openclaw-security-audit"

Quick Check (critical items only, ~5 seconds)

bash "$AUDIT_DIR/checks/gateway.sh" && bash "$AUDIT_DIR/checks/credentials.sh"

Full Audit (all 6 modules)

for check in gateway credentials channels tools network system; do
  bash "$AUDIT_DIR/checks/${check}.sh"
done

Individual Checks

Match the user's concern to the right module:

User asks about	Command
Gateway, ports, binding, auth, TLS	`bash "$AUDIT_DIR/checks/gateway.sh"`
API keys, passwords, file permissions, history leaks	`bash "$AUDIT_DIR/checks/credentials.sh"`
WhatsApp, Telegram, DM policy, allowFrom	`bash "$AUDIT_DIR/checks/channels.sh"`
Sandbox, denyCommands, tool restrictions	`bash "$AUDIT_DIR/checks/tools.sh"`
IP leak, exposed ports, firewall, Shodan/Censys	`bash "$AUDIT_DIR/checks/network.sh"`
macOS SIP, FileVault, TCC, iCloud sync	`bash "$AUDIT_DIR/checks/system.sh"`

Auto-Fix (requires explicit user confirmation for each fix)

bash "$AUDIT_DIR/fixes/interactive-fix.sh"

Specific fixes:

bash "$AUDIT_DIR/fixes/gateway-fix.sh" — bind gateway to localhost, generate strong token
bash "$AUDIT_DIR/fixes/permission-fix.sh" — fix file/directory permissions
bash "$AUDIT_DIR/fixes/channel-fix.sh" — fix DM policy, allowFrom, requireMention

Generate Report

bash "$AUDIT_DIR/audit.sh"

Then select option 5 for HTML or JSON report output.

Output Format

Each check outputs lines prefixed with:

[PASS] — check passed, no action needed
[WARN] — potential issue, review recommended
[FAIL] — security issue found, fix recommended
[SKIP] — check skipped (component not installed or not applicable)

After running checks, summarize results clearly. If there are FAIL items, recommend the appropriate fix script and explain what it will do before the user confirms.

Important Notes

This tool is read-only by default. Fix scripts require explicit user confirmation for each change.
The IP leak check (network module) will ask before sending your IP to external services (Shodan, Censys).
All checks gracefully skip if OpenClaw is not installed or a component is missing.
On Linux, macOS-specific checks (SIP, FileVault, TCC) are automatically skipped.

Usage Guidance

This skill points your agent to clone and execute a GitHub-hosted audit toolkit, but the registry metadata does not declare 'git' or the remote-download step. Before installing or running: (1) manually inspect the repository (https://github.com/sunt23310-ops/openclaw-security-audit) yourself to confirm the scripts do what they claim; (2) prefer running the audit in an isolated environment (container, VM, or throwaway account) so arbitrary scripts can't access your main files; (3) verify any fix scripts before consenting and back up configs; (4) expect the audit to read local config files and histories — only proceed if you're comfortable with that level of access; (5) ask the maintainer why 'git' and the remote-clone step are not declared in the skill metadata and request the code be bundled or the install step explicitly listed. If you cannot review the repo, treat this skill as high-risk.

Capability Analysis

Type: OpenClaw Skill Name: clawgears-security-audit Version: 1.0.0 The skill bundle acts as a bootstrap for an external security audit tool by cloning a remote repository (github.com/sunt23310-ops/openclaw-security-audit) and executing various shell scripts (audit.sh, credentials.sh, etc.) on the host system. While the stated purpose is a security audit, the instructions in SKILL.md direct the agent to download and run arbitrary code from a third-party source with access to sensitive domains like credentials, network configurations, and macOS system security (SIP/TCC). This pattern is highly risky as it facilitates remote code execution (RCE) without verifying the integrity of the external scripts, though no explicitly malicious logic is contained within the provided files.

Capability Assessment

⚠ Purpose & Capability

Name and description match the checks described in SKILL.md and the declared binaries (bash, curl, python3) are reasonable for a local audit. However, the runtime instructions require git cloning and executing scripts from ~/openclaw-security-audit, yet 'git' is not listed in required binaries and the registry metadata does not declare the external repository download as part of install. That omission is an incoherence: installing/executing a remote audit suite typically requires git or another downloader and should be declared.

⚠ Instruction Scope

SKILL.md instructs the agent to clone a GitHub repo and run multiple bash scripts that will inspect gateway binding, credentials, channel policies, tool sandboxes, network/IP checks (including optional queries to Shodan/Censys), and macOS system state. The doc claims read-only by default and prompts before external queries/fixes, but because there are no bundled code files the actual behavior depends entirely on the external repo. The instructions implicitly allow executing arbitrary remote scripts which may read sensitive files (configs, shell history) — the scope is broader than the metadata declares and grants the agent discretion to run downloaded code.

⚠ Install Mechanism

Registry metadata lists a brew formula for python3 only. The SKILL.md uses git clone from GitHub to fetch the audit toolkit and then runs its scripts. Fetching and executing code from a remote repository is higher risk than a pure instruction-only skill; although GitHub is a known host (better than an arbitrary IP/shortener), the metadata does not document this download step or require 'git' as a binary, so the install/run mechanism is inconsistent and needs explicit declaration or code bundled with the skill.

ℹ Credentials

The skill declares no required credentials or env vars, which is appropriate for a local audit. However, the audit scripts referenced (credentials checks, permission fixes, gateway fixes) will likely read local configuration files and may prompt for or require access to tokens/configs during fixes. Because the actual scripts are external, the skill's lack of declared credential requirements is acceptable but incomplete — users should expect on-run prompts and local-file reads.

✓ Persistence & Privilege

The skill is not always-enabled and does not request persistent privileges in metadata. It documents that fix scripts require explicit user confirmation before making changes. There is no evidence it modifies other skills or system-wide agent settings on its own.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install clawgears-security-audit
After installation, invoke the skill by name or use /clawgears-security-audit
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release: 6-module OpenClaw security audit covering gateway, credentials, channels, tools, network, and system checks.

Metadata

Slug clawgears-security-audit

Version 1.0.0

License MIT-0

All-time Installs 1

Active Installs 1

Total Versions 1

Frequently Asked Questions

What is Security Audit?

Comprehensive OpenClaw security audit — checks gateway binding, credential exposure, channel policies, tool sandboxing, network/IP leaks, and macOS system se... It is an AI Agent Skill for Claude Code / OpenClaw, with 311 downloads so far.

How do I install Security Audit?

Run "/install clawgears-security-audit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Security Audit free?

Yes, Security Audit is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Security Audit support?

Security Audit is cross-platform and runs anywhere OpenClaw / Claude Code is available (macos, linux).

Who created Security Audit?

It is built and maintained by sunt23310-ops (@sunt23310-ops); the current version is v1.0.0.

More Skills