
Security Audit

Author: sunt23310-ops · GitHub · v1.0.0 · MIT-0
Platforms: macos, linux · ⚠ suspicious
Total downloads: 311
Favorites: 0
Current installs: 1
Versions: 1
Install in OpenClaw
/install clawgears-security-audit
Description
Comprehensive OpenClaw security audit — checks gateway binding, credential exposure, channel policies, tool sandboxing, network/IP leaks, and macOS system se...
Usage instructions (SKILL.md)

OpenClaw Security Audit

Run a comprehensive security audit on your local OpenClaw installation. Covers 6 security domains mapped to MITRE ATLAS threat categories.

When to Use

  • User asks to "check security", "audit my openclaw", "is my config secure?"
  • User mentions concerns about API key leaks, exposed ports, or privacy
  • After changing OpenClaw configuration (gateway, channels, tools, etc.)
  • User wants a security report (HTML or JSON)

When NOT to Use

  • General system security questions unrelated to OpenClaw
  • User is asking about a different application
  • User just wants to know what OpenClaw is

Setup

Check if the audit tool is installed:

ls ~/openclaw-security-audit/audit.sh 2>/dev/null || echo "NOT_INSTALLED"

If not installed, clone it:

git clone https://github.com/sunt23310-ops/openclaw-security-audit.git ~/openclaw-security-audit

Running Checks

AUDIT_DIR="$HOME/openclaw-security-audit"

Quick Check (critical items only, ~5 seconds)

bash "$AUDIT_DIR/checks/gateway.sh" && bash "$AUDIT_DIR/checks/credentials.sh"

Full Audit (all 6 modules)

for check in gateway credentials channels tools network system; do
  bash "$AUDIT_DIR/checks/${check}.sh"
done

Individual Checks

Match the user's concern to the right module:

User asks about                                        | Command
Gateway, ports, binding, auth, TLS                     | bash "$AUDIT_DIR/checks/gateway.sh"
API keys, passwords, file permissions, history leaks   | bash "$AUDIT_DIR/checks/credentials.sh"
WhatsApp, Telegram, DM policy, allowFrom               | bash "$AUDIT_DIR/checks/channels.sh"
Sandbox, denyCommands, tool restrictions               | bash "$AUDIT_DIR/checks/tools.sh"
IP leak, exposed ports, firewall, Shodan/Censys        | bash "$AUDIT_DIR/checks/network.sh"
macOS SIP, FileVault, TCC, iCloud sync                 | bash "$AUDIT_DIR/checks/system.sh"

Auto-Fix (requires explicit user confirmation for each fix)

bash "$AUDIT_DIR/fixes/interactive-fix.sh"

Specific fixes:

  • bash "$AUDIT_DIR/fixes/gateway-fix.sh" — bind gateway to localhost, generate strong token
  • bash "$AUDIT_DIR/fixes/permission-fix.sh" — fix file/directory permissions
  • bash "$AUDIT_DIR/fixes/channel-fix.sh" — fix DM policy, allowFrom, requireMention

Generate Report

bash "$AUDIT_DIR/audit.sh"

Then select option 5 for HTML or JSON report output.

Output Format

Each check outputs lines prefixed with:

  • [PASS] — check passed, no action needed
  • [WARN] — potential issue, review recommended
  • [FAIL] — security issue found, fix recommended
  • [SKIP] — check skipped (component not installed or not applicable)

After running checks, summarize results clearly. If there are FAIL items, recommend the appropriate fix script and explain what it will do before the user confirms.
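The status prefixes above can be tallied mechanically. The following is an added example, not part of the skill or the audit repository: it counts each prefix in one module's output and, when FAIL lines are present, names a fix script from the "Specific fixes" list. The function name, the pairing of the credentials module with permission-fix.sh, the colour-code handling and the sample lines are assumptions.

```shell
#!/usr/bin/env bash
# Added example: summarize one module's output by status prefix.
# Usage with the real tool would be:
#   bash "$AUDIT_DIR/checks/gateway.sh" | summarize_audit gateway

# summarize_audit MODULE  (reads check output on stdin, prints one summary line)
summarize_audit() {
  local module="$1" fix
  # Fix scripts come from the page's "Specific fixes" list. Which module each
  # one serves is inferred from its name (assumption); others need manual review.
  case "$module" in
    gateway)     fix="fixes/gateway-fix.sh" ;;
    credentials) fix="fixes/permission-fix.sh" ;;
    channels)    fix="fixes/channel-fix.sh" ;;
    *)           fix="manual-review" ;;
  esac
  awk -v m="$module" -v fix="$fix" -v esc="$(printf '\033')" '
    # Strip ANSI colour codes in case the scripts colour their output (assumption).
    { gsub(esc "\\[[0-9;]*m", "") }
    # Count only lines that start with one of the four documented prefixes.
    match($0, /^[ \t]*\[(PASS|WARN|FAIL|SKIP)\]/) {
      s = substr($0, RSTART, RLENGTH); gsub(/[^A-Z]/, "", s); n[s]++
    }
    END {
      printf "%s pass=%d warn=%d fail=%d skip=%d", m, n["PASS"], n["WARN"], n["FAIL"], n["SKIP"]
      if (n["FAIL"] > 0) printf " fix=%s", fix   # only suggest a fix when something failed
      printf "\n"
    }'
}

# Constructed sample output (not captured from the real tool).
sample='[PASS] Gateway bound to 127.0.0.1
[FAIL] Gateway auth token is missing
[WARN] TLS not enabled
[SKIP] Docker not installed'
printf '%s\n' "$sample" | summarize_audit gateway
```

The fix script is only named, never run, so the per-fix confirmation the skill requires stays with the user.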

Important Notes

  • This tool is read-only by default. Fix scripts require explicit user confirmation for each change.
  • The IP leak check (network module) will ask before sending your IP to external services (Shodan, Censys).
  • All checks gracefully skip if OpenClaw is not installed or a component is missing.
  • On Linux, macOS-specific checks (SIP, FileVault, TCC) are automatically skipped.
Security usage recommendations
This skill points your agent to clone and execute a GitHub-hosted audit toolkit, but the registry metadata does not declare 'git' or the remote-download step. Before installing or running: (1) manually inspect the repository (https://github.com/sunt23310-ops/openclaw-security-audit) yourself to confirm the scripts do what they claim; (2) prefer running the audit in an isolated environment (container, VM, or throwaway account) so arbitrary scripts can't access your main files; (3) verify any fix scripts before consenting and back up configs; (4) expect the audit to read local config files and histories — only proceed if you're comfortable with that level of access; (5) ask the maintainer why 'git' and the remote-clone step are not declared in the skill metadata and request the code be bundled or the install step explicitly listed. If you cannot review the repo, treat this skill as high-risk.
Functional analysis
Type: OpenClaw Skill
Name: clawgears-security-audit
Version: 1.0.0
The skill bundle acts as a bootstrap for an external security audit tool by cloning a remote repository (github.com/sunt23310-ops/openclaw-security-audit) and executing various shell scripts (audit.sh, credentials.sh, etc.) on the host system. While the stated purpose is a security audit, the instructions in SKILL.md direct the agent to download and run arbitrary code from a third-party source with access to sensitive domains like credentials, network configurations, and macOS system security (SIP/TCC). This pattern is highly risky as it facilitates remote code execution (RCE) without verifying the integrity of the external scripts, though no explicitly malicious logic is contained within the provided files.
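One way to close the integrity gap described here, and to act on recommendations (1) and (3) above: after reading the cloned scripts, record a SHA-256 manifest of the tree and refuse to run any check if a file has since been modified, added or removed. This is an added example, not part of the skill or the audit repository; the function names and the manifest location are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not part of the skill): run audit scripts only if they are
# byte-identical to the copy you reviewed.

_sha256() {  # sha256sum on Linux, shasum on macOS
  if command -v sha256sum >/dev/null 2>&1; then sha256sum "$@"
  else shasum -a 256 "$@"; fi
}

# record_manifest DIR MANIFEST: hash every file outside .git. Run it once,
# after reading the scripts, and keep MANIFEST outside DIR.
record_manifest() {
  ( cd "$1" || exit 1
    find . -path ./.git -prune -o -type f -print | LC_ALL=C sort |
      while IFS= read -r f; do _sha256 "$f"; done
  ) > "$2"
}

# verify_manifest DIR MANIFEST: returns 0 only if no file was modified,
# added or removed since the manifest was recorded.
verify_manifest() {
  local current rc=0
  current="$(mktemp)" || return 2
  record_manifest "$1" "$current" || { rm -f "$current"; return 2; }
  if ! cmp -s "$2" "$current"; then
    diff "$2" "$current" >&2 || true   # show which entries differ
    rc=1
  fi
  rm -f "$current"
  return "$rc"
}

# run_check DIR MANIFEST MODULE: run checks/MODULE.sh only if the tree is unchanged.
run_check() {
  verify_manifest "$1" "$2" || {
    echo "scripts differ from the reviewed copy; not running" >&2; return 1; }
  bash "$1/checks/$3.sh"
}

# Typical use (manifest path is an assumption of this example):
#   record_manifest "$HOME/openclaw-security-audit" "$HOME/.openclaw-audit.sha256"
#   run_check "$HOME/openclaw-security-audit" "$HOME/.openclaw-audit.sha256" gateway
```

A later `git pull` changes the hashes, so the checks stop running until the new revision has been reviewed and the manifest recorded again.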
Capability assessment
Purpose & Capability
Name and description match the checks described in SKILL.md and the declared binaries (bash, curl, python3) are reasonable for a local audit. However, the runtime instructions require git cloning and executing scripts from ~/openclaw-security-audit, yet 'git' is not listed in required binaries and the registry metadata does not declare the external repository download as part of install. That omission is an incoherence: installing/executing a remote audit suite typically requires git or another downloader and should be declared.
Instruction Scope
SKILL.md instructs the agent to clone a GitHub repo and run multiple bash scripts that will inspect gateway binding, credentials, channel policies, tool sandboxes, network/IP checks (including optional queries to Shodan/Censys), and macOS system state. The doc claims read-only by default and prompts before external queries/fixes, but because there are no bundled code files the actual behavior depends entirely on the external repo. The instructions implicitly allow executing arbitrary remote scripts which may read sensitive files (configs, shell history) — the scope is broader than the metadata declares and grants the agent discretion to run downloaded code.
Install Mechanism
Registry metadata lists a brew formula for python3 only. The SKILL.md uses git clone from GitHub to fetch the audit toolkit and then runs its scripts. Fetching and executing code from a remote repository is higher risk than a pure instruction-only skill; although GitHub is a known host (better than an arbitrary IP/shortener), the metadata does not document this download step or require 'git' as a binary, so the install/run mechanism is inconsistent and needs explicit declaration or code bundled with the skill.
Credentials
The skill declares no required credentials or env vars, which is appropriate for a local audit. However, the audit scripts referenced (credentials checks, permission fixes, gateway fixes) will likely read local configuration files and may prompt for or require access to tokens/configs during fixes. Because the actual scripts are external, the skill's lack of declared credential requirements is acceptable but incomplete — users should expect on-run prompts and local-file reads.
Persistence & Privilege
The skill is not always-enabled and does not request persistent privileges in metadata. It documents that fix scripts require explicit user confirmation before making changes. There is no evidence it modifies other skills or system-wide agent settings on its own.
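How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install clawgears-security-audit
  3. Once installed, invoke the Skill by name or trigger it with /clawgears-security-audit
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history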
v1.0.0
Initial release: 6-module OpenClaw security audit covering gateway, credentials, channels, tools, network, and system checks.
Metadata
Slug: clawgears-security-audit
Version: 1.0.0
License: MIT-0
Total installs: 1
Current installs: 1
Historical versions: 1
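Frequently asked questions

What is Security Audit?

Comprehensive OpenClaw security audit — checks gateway binding, credential exposure, channel policies, tool sandboxing, network/IP leaks, and macOS system se... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 311 total downloads to date.

How do I install Security Audit?

Run the command "/install clawgears-security-audit" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.

Is Security Audit free?

Yes, Security Audit is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.

Which platforms does Security Audit support?

Security Audit runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (macos, linux).

Who developed Security Audit?

It is developed and maintained by sunt23310-ops (@sunt23310-ops); the current version is v1.0.0.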
