Downloads: 246
Stars: 0
Active Installs: 0
Versions: 1
Install in OpenClaw
/install openclaw-security-checklist
Description
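Pre-deployment security checklist for OpenClaw. Focuses on compliance-oriented checks before deployment (not after-the-fact hardening), covering firewall, SSH, API key management, cross-border data transfer compliance, and validation across multiple deployment scenarios. Uses checklist-style checks that can be ticked off item by item and produce a report. Suitable for personal Mac, VPS, Docker, and enterprise deployment scenarios.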
Usage Guidance
This skill is internally consistent with being a deployment pre-check tool, but review and understand the scripts before running. Note the script will read system files (/etc/ssh/sshd_config), your ~/.openclaw workspace and environment variables to look for secrets — that is expected but can expose sensitive values if you redirect or share output. The script issues an external request to ipinfo.io to detect server country (this reveals your host IP/country to that service). Also ignore/avoid insecure example snippets in the docs that echo API keys into ~/.zshrc or logs; prefer secure secret stores. Recommended: inspect scripts locally, run them in a constrained/test environment first, and do not pipe or share the raw output if you suspect it may contain secrets.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-security-checklist
Version: 1.0.0
The bundle is a legitimate security auditing and compliance tool designed for OpenClaw deployments. The primary scripts, 'scripts/security-check.sh' and 'security-checklist.sh', perform local system inspections including firewall status, SSH configurations, API key storage permissions, and system update status. While the scripts use potentially sensitive commands like 'grep' to locate hardcoded API keys and 'curl' to check IP geolocation for data residency compliance, all findings are saved to local report files (e.g., '~/openclaw-security-report.txt') with no evidence of data exfiltration, persistence mechanisms, or malicious prompt injection.
Capability Assessment
Purpose & Capability
Name/description (deployment pre-check, compliance-focused) align with included README, references and the provided shell scripts which implement firewall, SSH, API-key and data-border checks across Mac/VPS/Docker/enterprise scenarios.
Instruction Scope
Runtime instructions simply run the included shell script and point to local reference files. The script performs local checks (reads /etc/ssh/sshd_config, ~/.openclaw/workspace, system commands like netstat/docker/dmidecode) which are appropriate for a security checklist, but it also performs network queries (curl ipinfo.io) to determine server country — this leaks the host's IP/country to a third party and should be highlighted to users. The script prints findings (including file paths and warnings about detected secrets) which may expose sensitive data if output is captured or shared.
Install Mechanism
No install spec; this is instruction+script only. No downloads or archive extraction are performed by the skill itself, so installation risk is low.
Credentials
The skill declares no required environment variables. The scripts do enumerate environment variables and scan the user's workspace for 'sk-'/'api_key' patterns and .env/config files — this is expected for a secrets-detection checklist, but it means the script will inspect sensitive local state (env and files). Reference docs include examples that write keys into shell rc or logs (insecure examples) — these are poor practices that the user should not adopt without modification.
Persistence & Privilege
The skill does not request persistent elevated privileges, does not set always:true, and does not modify other skills. It writes a local report to ~/openclaw-security-report.txt which is reasonable for a local audit tool.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install openclaw-security-checklist
- After installation, invoke the skill by name or use /openclaw-security-checklist
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
openclaw-security-checklist v1.0.0
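- Initial release, providing a pre-deployment security and compliance checklist for OpenClaw.
- Covers firewall, SSH, API keys, cross-border data transfer compliance, and multiple deployment scenarios (Mac/VPS/Docker/enterprise).
- Offers two ways to use it, an automated check script and a manual tick-off checklist, and generates a shareable report.
- Refines the compliance points to fit the relevant Chinese regulations.
- Supports fine-grained check recommendations for multi-environment deployments.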
Frequently Asked Questions
What is Openclaw Security Checklist?
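Pre-deployment security checklist for OpenClaw. Focuses on compliance-oriented checks before deployment (not after-the-fact hardening), covering firewall, SSH, API key management, cross-border data transfer compliance, and validation across multiple deployment scenarios. Uses checklist-style checks that can be ticked off item by item and produce a report. Suitable for personal Mac, VPS, Docker, and enterprise deployment scenarios. It is an AI Agent Skill for Claude Code / OpenClaw, with 246 downloads so far.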
How do I install Openclaw Security Checklist?
Run "/install openclaw-security-checklist" in the OpenClaw or Claude Code chat to install it in one step; no extra setup is required.
Is Openclaw Security Checklist free?
Yes, Openclaw Security Checklist is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Openclaw Security Checklist support?
Openclaw Security Checklist is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Openclaw Security Checklist?
It is built and maintained by yiyuanlu (@yiyuanlu); the current version is v1.0.0.