← Back to Skills Marketplace
128
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install openclaw-hardening
Description
Secure an OpenClaw server with host hardening, chainwatch runtime safety, pastewatch secret redaction, and noisepan+entropia news intelligence. Use when sett...
Usage Guidance
This SKILL.md is coherent with a hardening tool, but it asks you to perform high‑privilege, persistent changes and to install third‑party binaries via curl/untar without integrity checks. Before running these instructions: 1) Review the upstream repositories (ppiankov/chainwatch and pastewatch) and their release artifacts; verify checksums/signatures when available. 2) Avoid piping unknown scripts into sudo — download and inspect them first. 3) Audit the systemd unit and binary contents you will install. 4) Backup configuration and test in a nonproduction instance. 5) Confirm you trust the maintainer and that the tool’s behavior (intercepting all LLM API traffic and accessing local config.env) is acceptable for your environment. 6) Prefer package manager installs or signed releases where possible, and consider limiting scope (non‑root, containerized testing) until you’ve validated behavior.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-hardening
Version: 2.1.0
The skill bundle performs extensive system-level modifications, including SSH hardening, firewall configuration, and the installation of multiple third-party security tools (chainwatch, pastewatch, noisepan) via high-risk methods like 'curl | bash' and direct binary downloads from GitHub (github.com/ppiankov). While these tools are presented as hardening measures, they implement a non-bypassable intercept proxy for LLM traffic and kernel-level monitoring (eBPF), granting the tools significant control over the environment and sensitive API communications. The combination of high-privilege operations and reliance on unverified remote binaries in SKILL.md constitutes a significant security risk despite the stated protective intent.
Capability Assessment
Purpose & Capability
The name/description (host hardening, command safety, secret redaction) aligns with the actions in SKILL.md: SSH hardening, firewall, fail2ban, installing chainwatch/pastewatch, and registering skills. Nothing obviously unrelated is requested, but the skill asks for full root/sudo and to install persistent intercept/proxy services — which is consistent with its goals but is a high‑impact set of operations.
Instruction Scope
The runtime instructions require root, modify systemd services, edit sshd_config, change firewall rules, copy libraries into /usr/lib, and instruct routing the agent's LLM traffic through an intercept proxy. Those steps go beyond simple configuration tweaks and grant the tool broad control of network flows and local secrets. The instructions also include curl|sudo bash one‑liners and automatic placement of skill files into ~/.openclaw — all high‑impact operations that should be reviewed before running.
Install Mechanism
Although there is no declared install spec in the registry, the SKILL.md includes direct download and install steps: curl | sudo bash from raw.githubusercontent.com, direct GitHub release binaries written to /usr/local/bin, and unpacking the Swift runtime and copying libs into /usr/lib without checksum verification. These are legitimate ways to install tools but are supply‑chain risky and lack integrity checks — flagged as high risk by policy.
Credentials
The skill declares no required env vars but instructs setting ANTHROPIC_BASE_URL/OPENAI_BASE_URL and claims to intercept agent API traffic and local config.env. Pastewatch will scan many secret types and read/write files to replace placeholders. Access to local secrets and config files is relevant to redaction/hardening, but the scope is broad and the SKILL.md does not explicitly require or describe safeguards (e.g., checksums, least privilege), so exercise caution.
Persistence & Privilege
The skill creates persistent artifacts (systemd service, binaries in /usr/local/bin, skill files in ~/.openclaw/skills) which is expected for tooling that enforces runtime policies. It does not set always:true and does not itself request modification of other skills' configs. Persistent services that intercept LLM traffic are a significant privilege but not inherently incoherent with the stated purpose.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-hardening - After installation, invoke the skill by name or use
/openclaw-hardening - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.1.0
Added ContextSpectre proxy layer (noise stripping) to defense-in-depth chain
v2.0.0
v2.0: Added Layer 5 eBPF enforce (seccomp containment), pastewatch proxy chain, observe audit, updated architecture diagram
Metadata
Frequently Asked Questions
What is OpenClaw Hardening?
Secure an OpenClaw server with host hardening, chainwatch runtime safety, pastewatch secret redaction, and noisepan+entropia news intelligence. Use when sett... It is an AI Agent Skill for Claude Code / OpenClaw, with 128 downloads so far.
How do I install OpenClaw Hardening?
Run "/install openclaw-hardening" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw Hardening free?
Yes, OpenClaw Hardening is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does OpenClaw Hardening support?
OpenClaw Hardening is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw Hardening?
It is built and maintained by ppiankov (@ppiankov); the current version is v2.1.0.
More Skills