Moltbot Security
by Next Frontier AI · GitHub · v1.0.3
Downloads: 2751 · Stars: 3 · Active Installs: 5 · Versions: 4
Install in OpenClaw
/install moltbot-security
Description
Security hardening for AI agents - Moltbot, OpenClaw, Cursor, Claude. Lock down gateway, fix permissions, auth, firewalls. Essential for vibe-coding setups.
Usage Guidance
This is a practical hardening checklist, but before running anything: 1) Verify the origin — the registry metadata lists no known homepage while package.json points to a GitHub repo; inspect that repo and its author. 2) Don’t blindly run curl | sh commands — fetch and review the scripts first. 3) Back up ~/.openclaw and any config files before editing or running auto-fix commands. 4) Confirm the 'openclaw' CLI is legitimate and from a trusted source before using --fix or audit commands. 5) Be cautious exporting tokens in shells; use a secrets store if possible.
Capability Analysis
Type: OpenClaw Skill
Name: moltbot-security
Version: 1.0.3
The skill's stated purpose is security hardening, which is benign. However, the `SKILL.md` file instructs the AI agent to execute several powerful system commands, including `curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -`. While intended for a legitimate Node.js update from a known source, this pattern of piping a remote script to `bash` with root privileges represents a significant supply chain risk and a potential Remote Code Execution (RCE) vulnerability if the remote source were compromised. This falls under 'risky capabilities without clear malicious intent' as per the classification guidelines, making the skill suspicious.
Capability Assessment
Purpose & Capability
Name and description claim security hardening for Moltbot/OpenClaw and the SKILL.md content indeed provides firewall, auth, permissions, Node.js updates, and Tailscale guidance — that aligns with the stated purpose. However, the package metadata claims no required config paths or env vars while the instructions explicitly reference ~/.openclaw/openclaw.json and several CLAWDBOT_* environment variables. This metadata/instruction mismatch is unexpected and deserves attention.
Instruction Scope
Instructions tell the operator to read and edit sensitive config files (~/.openclaw/openclaw.json), change file permissions, export secrets (CLAWDBOT_GATEWAY_TOKEN / CLAWDBOT_GATEWAY_PASSWORD), run firewall and sshd config changes, and run 'openclaw security audit --deep --fix'. Those actions are within a hardening guide's scope, but they are high-impact (modify system files, apply fixes automatically). The guide also recommends piping remote install scripts (Tailscale, NodeSource). Ensure you trust the sources before running them and verify the CLI tooling (openclaw) exists and is from a trusted origin.
Install Mechanism
The skill is instruction-only (no install spec), which is lower risk as nothing is written by the package manager. However, the instructions recommend running third-party install scripts (curl | sh for Tailscale and NodeSource), and a Homebrew command for macOS; those are external downloads executed on the host and carry the usual supply-chain risk. The package.json references a GitHub repo, but registry metadata lists source/homepage as unknown/none, so the provenance information is inconsistent.
Credentials
The SKILL.md instructs you to set environment variables (CLAWDBOT_GATEWAY_TOKEN, CLAWDBOT_GATEWAY_PASSWORD, CLAWDBOT_DISABLE_BONJOUR) and to edit local config paths, which are reasonable for a gateway hardening guide. But the registry metadata declares no required env vars and no required config paths; this mismatch makes it unclear what secrets/config the skill expects or will operate on. No unrelated credentials are requested, but the lack of declared requirements reduces transparency.
Persistence & Privilege
The skill does not request persistent or privileged platform-level presence (always:false, no special flags). It instructs manual edits to user and system files (home config, /etc/ssh, ufw) which are expected for system hardening. It does not attempt to modify other skills or system agent configs automatically in the provided instructions.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install moltbot-security
- After installation, invoke the skill by name or use /moltbot-security
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
- Skill renamed to "moltbot-security" for clarity and improved discoverability.
- Description and keywords updated to emphasize compatibility with Moltbot, OpenClaw, Cursor, Claude, and popular coding/AI tools.
- Keywords expanded to improve search relevance for security, developer, and AI tool users.
- No changes to core guides or technical instructions.
v1.0.2
Rebranded to OpenClaw
v1.0.1
SEO update: added claude, cursor, devops, infosec keywords
v1.0.0
Initial release of the moltbot-security skill.
- Provides step-by-step hardening guide for Moltbot/Clawdbot gateways.
- Covers gateway binding, authentication setup, file permissions, and firewall configuration.
- Includes real-world vulnerability context and prompt injection examples.
- Offers quick audit and auto-fix commands.
- Details secure remote access via Tailscale.
- Includes a security checklist and recommended configuration templates.
Frequently Asked Questions
What is Moltbot Security?
Security hardening for AI agents - Moltbot, OpenClaw, Cursor, Claude. Lock down gateway, fix permissions, auth, firewalls. Essential for vibe-coding setups. It is an AI Agent Skill for Claude Code / OpenClaw, with 2751 downloads so far.
How do I install Moltbot Security?
Run "/install moltbot-security" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Moltbot Security free?
Yes, Moltbot Security is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Moltbot Security support?
Moltbot Security is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Moltbot Security?
It is built and maintained by Next Frontier AI (@nextfrontierbuilds); the current version is v1.0.3.