← Back to Skills Marketplace
1517
Downloads
0
Stars
9
Active Installs
2
Versions
Install in OpenClaw
/install openclaw-security-toolkit
Description
Security guard for OpenClaw users. Audit configs, scan secrets, manage access, and generate security reports.
README (SKILL.md)
OpenClaw Security Guard
A comprehensive security tool for OpenClaw users to protect their AI assistant.
Features
- 🔍 Security Audit - Comprehensive security configuration check
- 🔐 Secret Scanner - Detect exposed API keys and tokens
- 👥 Access Control - Manage devices, users, and permissions
- 🔑 Token Manager - Rotate and validate tokens
- 📊 Security Report - Generate detailed security reports
- 🛡️ Hardening - Apply security best practices
Requirements
- Python 3.6+
- No external dependencies (uses stdlib)
Commands
# Run security audit
python3 {baseDir}/scripts/main.py audit
# Scan for secrets
python3 {baseDir}/scripts/main.py scan
# Generate report
python3 {baseDir}/scripts/main.py report --format md
# Check token status
python3 {baseDir}/scripts/main.py token status
# Access control
python3 {baseDir}/scripts/main.py access list
# Security hardening
python3 {baseDir}/scripts/main.py harden --fix
# Quick status check
python3 {baseDir}/scripts/main.py status
Options
--format, -f \x3Cformat> Output format: json, md, table (default: table)
--lang, -l \x3Clang> Language: en, zh (default: auto-detect)
--quiet, -q Quiet mode, only output results
--verbose, -v Verbose output
--output, -o \x3Cfile> Output file path
--deep Deep scan mode
--fix Auto-fix issues where possible
Security Checks
| Category | Checks |
|---|---|
| Config | Gateway bind, auth mode, token strength |
| Secrets | API keys, tokens, passwords, private keys |
| Access | Devices, users, channels, sessions |
| Network | Public exposure, open ports |
Examples
# Full audit with auto-fix
python3 {baseDir}/scripts/main.py audit --deep --fix
# Generate markdown report
python3 {baseDir}/scripts/main.py report --format md -o security.md
# Scan for specific pattern
python3 {baseDir}/scripts/main.py scan --pattern "sk-"
# List all paired devices
python3 {baseDir}/scripts/main.py access devices
# Generate JSON report
python3 {baseDir}/scripts/main.py report --format json
Output Formats
Table (default)
🔐 OpenClaw Security Guard v1.0.0
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
📊 Security Score: 72/100 ⚠️
🔴 HIGH RISK
• API Key exposed in config file
Location: ~/.openclaw/openclaw.json:15
JSON
{
"score": 72,
"findings": [...]
}
Markdown
# Security Report
**Score**: 72/100
Languages
- English (en)
- 中文 (zh)
Auto-detected based on system locale.
License
MIT
Version
v1.0.0
Usage Guidance
This skill is coherent with its stated purpose: it reads OpenClaw configuration and credential files and can auto-fix issues or rotate tokens. Before installing or running with --fix/rotate: 1) Verify the skill source/author (metadata points to a GitHub repo but 'homepage' is none). 2) Back up your OpenClaw config (~/.openclaw/) because the tool may write changes. 3) Be aware token rotation and some fixes will write tokens into config and may print new tokens to stdout — avoid running where logs are captured. 4) Prefer a dry-run first (where supported) to review planned changes. 5) If you will allow autonomous invocation, remember the tool can modify local config; only enable autonomous use if you trust the code and source.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-security-toolkit
Version: 1.0.0
The OpenClaw Security Toolkit is a legitimate administrative utility designed to audit configurations, scan for exposed secrets, and manage access controls for an OpenClaw installation. The codebase (scripts/audit.py, scripts/scanner.py, scripts/token.py) uses only Python standard libraries to perform local file operations within the ~/.openclaw directory. It includes security-conscious features such as secret masking for console output and provides automated hardening capabilities like token rotation. No evidence of data exfiltration, unauthorized network activity, or malicious prompt injection was found; the tool's behavior is entirely consistent with its stated purpose.
Capability Assessment
Purpose & Capability
Name/description (audit, secret-scan, access control, token management) match the included scripts and config. The tool inspects ~/.openclaw paths, produces reports, and offers fixes/rotation — all consistent with the stated purpose. No unrelated external credentials or unusual binaries are required.
Instruction Scope
SKILL.md instructs running local Python scripts which scan and modify OpenClaw configuration files (e.g., ~/.openclaw/openclaw.json, ~/.openclaw/.env, ~/.openclaw/credentials/). This is expected for a security tool, but the instructions allow actions that modify local config (e.g., --fix, token rotation), so users should expect writes to local files and potential printing of new tokens to stdout.
Install Mechanism
No install spec is provided (instruction-only). The package contains Python scripts that rely on the stdlib; nothing is downloaded or executed from remote URLs during install. Risk from install mechanism is low.
Credentials
The skill does not declare required environment variables or credentials. It scans local config files for secrets (OpenAI keys, AWS keys, etc.), which is proportional to its stated purpose. No unexpected credentials or unrelated environment access are requested.
Persistence & Privilege
always is false. The tool can be invoked by the model (default platform behavior). The code can modify the OpenClaw config and rotate tokens when run with --fix/rotate, which is legitimate for a hardening tool but increases impact if executed without user control. There is no attempt to alter other skills' configs or persist itself into the agent runtime beyond standard local file writes.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-security-toolkit - After installation, invoke the skill by name or use
/openclaw-security-toolkit - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the OpenClaw Security Toolkit.
- Security guard tool for OpenClaw users: audit configs, scan secrets, manage access, and generate security reports.
- Provides CLI commands for auditing, scanning, reporting, hardening, and access management.
- Supports multiple output formats: table, JSON, and markdown.
- No external dependencies; works with Python 3.6+.
- Includes options for language, verbosity, deep scans, and auto-fix.
- Documentation and usage examples included.
v0.1.0
Initial release of OpenClaw Security Guard.
- Provides auditing of security configurations for OpenClaw users
- Scans for exposed secrets including API keys and tokens
- Manages access control for devices, users, and permissions
- Supports token rotation and validation
- Generates security reports in multiple formats (table, JSON, Markdown)
- Offers hardening features to apply security best practices
- No external Python dependencies required (stdlib only)
Metadata
Frequently Asked Questions
What is Openclaw Security Toolkit?
Security guard for OpenClaw users. Audit configs, scan secrets, manage access, and generate security reports. It is an AI Agent Skill for Claude Code / OpenClaw, with 1517 downloads so far.
How do I install Openclaw Security Toolkit?
Run "/install openclaw-security-toolkit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Openclaw Security Toolkit free?
Yes, Openclaw Security Toolkit is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Openclaw Security Toolkit support?
Openclaw Security Toolkit is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Openclaw Security Toolkit?
It is built and maintained by hkall (@hkall); the current version is v1.0.0.
More Skills