← 返回 Skills 市场
ClawGuard-Checker
作者
stardreaming
· GitHub ↗
· v3.0.0
· MIT-0
105
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install clawguard-checker
功能描述
ClawGuard Security Checker v3 - Advanced configuration analysis, runtime integrity verification, permission modeling, and one-click hardening recommendations
使用说明 (SKILL.md)
🔧 ClawGuard Security Checker (CG-SC) v3
Enterprise-grade security configuration analyzer and runtime integrity verifier for OpenClaw environments. Provides comprehensive security posture assessment with advanced configuration analysis, permission modeling, and one-click hardening recommendations.
When to Use
Activate ClawGuard Checker when:
- A user asks to check the security status of the OpenClaw instance
- Periodic security review is needed
- After configuration changes
- User asks for "security check", "hardening", or "how to secure"
How to Execute
Follow these steps when performing a security check:
Step 1: Check Configuration File
- Find and read
~/.openclaw/openclaw.json - Verify these security settings:
gateway.bindshould be "localhost" (not "0.0.0.0" or "lan")gateway.tls.enabledshould be truegateway.auth.deviceAuthshould be truetools.profileshould be "restricted" (not "full")tools.fs.workspaceOnlyshould be true
Step 2: Check for Exposed Credentials
Search for exposed secrets in:
- Config files (API keys, tokens, passwords)
- Environment files (.env)
- Log files
Step 3: Check File Permissions
Verify these permissions:
~/.openclaw/openclaw.jsonshould be 600 (owner read/write only)~/.openclaw/directory should be 700- SSH keys should be 600
- Not running as root user
Step 4: Check Network Settings
- Gateway port should not be exposed to 0.0.0.0
- Trusted proxies should be limited
- Rate limiting should be enabled
Step 5: Generate Hardening Recommendations (v3)
Based on findings, generate specific recommendations:
- CRITICAL issues: Generate immediate fix
- HIGH issues: Generate configuration changes
- MEDIUM issues: Suggest improvements
Step 6: Output Result
Calculate security score and output:
- Score: 0-100
- Grade: A+ to F
- List of issues found
- Hardening recommendations (v3)
Purpose
ClawGuard Security Checker is the second line of defense, providing continuous security posture monitoring for OpenClaw instances. It verifies:
- Configuration Security: Comprehensive analysis of OpenClaw configuration files
- Runtime Integrity: Cryptographic verification of system files and runtime components
- Permission Modeling: Advanced permission analysis and least-privilege enforcement
- Network Security: Multi-layered network policy validation
- Log Forensics: AI-powered anomaly detection in audit logs
- Compliance: Security benchmark compliance checking
- Hardening (v3): One-click security configuration generation
Core Workflow
┌─────────────────────────────────────────────────────────────────┐
│ CLAWGUARD SECURITY CHECKER WORKFLOW │
└─────────────────────────────────────────────────────────────────┘
[Scheduled/Manual Check Trigger]
│
▼
┌───────────────────────┐
│ 1. CONFIGURATION │ ← Parse and validate openclaw.json
│ ANALYSIS │
└───────────┬───────────┘
│ PASS
▼
┌───────────────────────┐
│ 2. CREDENTIAL SCAN │ ← Detect exposed secrets
└───────────┬───────────┘
│ PASS
▼
┌───────────────────────┐
│ 3. PERMISSION │ ← File/directory permission analysis
│ MODELING │
└───────────┬───────────┘
│ PASS
▼
┌───────────────────────┐
│ 4. RUNTIME INTEGRITY │ ← SHA-256 + quantum-resistant hashes
└───────────┬───────────┘
│ PASS
▼
┌───────────────────────┐
│ 5. NETWORK SECURITY │ ← Port, firewall, proxy analysis
└───────────┬───────────┘
│ PASS
▼
┌───────────────────────┐
│ 6. HARDENING (v3) │ ← Generate security recommendations
└───────────┬───────────┘
│ PASS
▼
[SECURITY REPORT]
Phase 1: Configuration Analysis
Configuration File Schema
The analyzer examines openclaw.json for security-relevant settings:
{
"gateway": {
"bind": "localhost",
"port": 8080,
"tls": {
"enabled": true,
"certPath": "/path/to/cert.pem",
"keyPath": "/path/to/key.pem"
},
"auth": {
"deviceAuth": true,
"tokenExpiry": 3600
},
"cors": {
"allowedOrigins": ["https://example.com"]
}
},
"tools": {
"profile": "restricted",
"fs": {
"workspaceOnly": true,
"allowedPaths": ["/workspace/*"]
},
"network": {
"egressRestrictions": true,
"allowedDomains": ["api.github.com", "api.openai.com"]
},
"exec": {
"allowedCommands": ["git", "npm", "node"]
}
},
"security": {
"update": {
"checkOnStart": true,
"autoUpdate": false
},
"audit": {
"enabled": true,
"retentionDays": 30
}
}
}
Configuration Security Checks
| Check | Severity | Points | Detection Rule |
|---|---|---|---|
| Gateway bind 0.0.0.0 | CRITICAL | -20 | gateway.bind === "0.0.0.0" |
| Gateway bind lan | HIGH | -15 | gateway.bind === "lan" |
| CORS * allowed | HIGH | -15 | allowedOrigins.includes("*") |
| tools.exec.security = "full" | CRITICAL | -20 | tools.exec.security === "full" |
| Device auth disabled | HIGH | -15 | deviceAuth === false |
| Token expiry > 24h | MEDIUM | -5 | tokenExpiry > 86400 |
| TLS not enabled | HIGH | -15 | tls.enabled === false |
| fs.workspaceOnly false | HIGH | -15 | fs.workspaceOnly === false |
| Sandbox disabled | HIGH | -15 | sandbox.enabled === false |
| No egress restrictions | HIGH | -10 | network.egressRestrictions === false |
Hardening Recommendations (v3)
| Issue | Current | Recommended |
|---|---|---|
| Gateway bind | "0.0.0.0" |
"127.0.0.1" |
| Auth mode | null or "none" |
"token" |
| Exec security | "full" |
"allowlist" |
| Sandbox | enabled: false |
enabled: true |
| TLS | enabled: false |
enabled: true |
| CORS | origin: "*" |
origin: ["your-domain.com"] |
Phase 2: Credential Exposure Detection
Multi-Layer Credential Scanning
| Layer | Target | Method |
|---|---|---|
| Layer 1 | Configuration files | Pattern matching |
| Layer 2 | Environment files (.env) | Direct file scan |
| Layer 3 | Log files | Historical credential check |
| Layer 4 | Memory dumps | Process memory (optional) |
Enhanced Credential Detection (v3)
const CREDENTIAL_PATTERNS = [
// API Keys
{ pattern: /sk-[a-zA-Z0-9]{20,}/g, type: 'openai_key', severity: 'CRITICAL' },
{ pattern: /sk-ant-[a-zA-Z0-9_-]{20,}/g, type: 'anthropic_key', severity: 'CRITICAL' },
{ pattern: /AKIA[0-9A-Z]{16}/g, type: 'aws_access_key', severity: 'CRITICAL' },
{ pattern: /ghp_[a-zA-Z0-9]{36}/g, type: 'github_token', severity: 'CRITICAL' },
{ pattern: /gho_[a-zA-Z0-9]{36}/g, type: 'github_oauth', severity: 'CRITICAL' },
{ pattern: /glpat-[a-zA-Z0-9_-]{20}/g, type: 'gitlab_token', severity: 'CRITICAL' },
// Private Keys
{ pattern: /-----BEGIN (RSA |DSA |EC |OPENSSH) PRIVATE KEY-----/g, type: 'private_key', severity: 'CRITICAL' },
// Generic Secrets
{ pattern: /api[_-]?key["\s:=]+[a-zA-Z0-9]{16,}/gi, type: 'api_key', severity: 'HIGH' },
{ pattern: /password["\s:=]+["'][^"']{8,}["']/gi, type: 'password', severity: 'HIGH' },
];
Detection Rules
| Credential Type | Pattern | Severity | Action |
|---|---|---|---|
| AWS Access Key | AKIA... |
CRITICAL | Alert + Rotate |
| GitHub Token | ghp_... |
CRITICAL | Alert + Revoke |
| OpenAI Key | sk-... |
CRITICAL | Alert + Revoke |
| Private Key | -----BEGIN... |
CRITICAL | Alert + Alert SOC |
| Weak Password | \x3C 12 chars | HIGH | Alert + Change |
Phase 3: Permission Modeling
File System Permission Analysis
const CRITICAL_PATHS = [
{ path: '~/.openclaw/openclaw.json', expectedMode: '600', severity: 'HIGH' },
{ path: '~/.openclaw/', expectedMode: '700', severity: 'HIGH' },
{ path: '~/.ssh/', expectedMode: '700', severity: 'CRITICAL' },
{ path: '~/.aws/', expectedMode: '700', severity: 'CRITICAL' },
];
Permission Check Matrix
| Check | Severity | Points | Rule |
|---|---|---|---|
| Config file world-readable | CRITICAL | -20 | Mode & 007 !== 0 |
| Config file group-readable | HIGH | -10 | Mode & 070 !== 0 |
| SSH keys world-readable | CRITICAL | -20 | Mode & 004 !== 0 |
| Running as root | CRITICAL | -25 | UID === 0 |
| Workspace world-writable | HIGH | -15 | Mode & 002 !== 0 |
Phase 4: Network Security Analysis
Port and Binding Analysis
| Check | Severity | Points | Detection |
|---|---|---|---|
| Gateway on 0.0.0.0 | CRITICAL | -20 | Exposed to all interfaces |
| Gateway on lan | HIGH | -15 | Exposed to local network |
| Gateway on localhost | LOW | 0 | Only local access |
| TLS disabled | HIGH | -15 | Unencrypted communication |
Network Security Checks
const NETWORK_SECURITY_CHECKS = [
{
check: 'rate_limiting',
rule: (config) => config.rateLimit?.enabled === true,
severity: 'HIGH',
points: -10,
message: 'Rate limiting not enabled',
fix: { rateLimit: { enabled: true, max: 100, windowMs: 60000 } }
},
{
check: 'egress_whitelist',
rule: (config) => config.network?.allowedDomains?.length > 0,
severity: 'HIGH',
points: -10,
message: 'No egress domain whitelist configured',
fix: { network: { allowedDomains: ['api.github.com', 'api.openai.com'] } }
},
{
check: 'trusted_proxies',
rule: (config) => config.trustedProxies?.length \x3C= 2,
severity: 'MEDIUM',
points: -5,
message: 'Limited proxy trust configured'
}
];
Phase 5: Hardening Recommendations (v3 核心功能)
One-Click Hardening
Based on detected issues, generate hardened configuration:
const HARDEENING_RULES = {
// Gateway Hardening
gateway: {
bind: { value: '127.0.0.1', reason: 'Only local access' },
tls: { value: { enabled: true }, reason: 'Encrypted communication' },
auth: { value: { mode: 'token', token: '\x3CGENERATE>' }, reason: 'Authentication required' },
rateLimit: { value: { enabled: true, max: 100, windowMs: 60000 }, reason: 'DDoS protection' },
cors: { value: { enabled: true, origin: [], credentials: true }, reason: 'Controlled access' }
},
// Tools Hardening
tools: {
exec: {
security: { value: 'allowlist', reason: 'Controlled execution' },
allowlist: { value: ['ls', 'cat', 'grep', 'find', 'echo', 'pwd'], reason: 'Minimal command set' }
},
fs: {
workspaceOnly: { value: true, reason: 'File system isolation' }
}
},
// Sandbox Hardening
sandbox: {
enabled: { value: true, reason: 'Runtime isolation' },
allowedPaths: { value: ['/tmp', '~/workspace'], reason: 'Controlled file access' },
deniedPaths: { value: ['/home', '/root', '/etc', '/var'], reason: 'Protect system files' },
maxMemory: { value: 512, reason: 'Resource limit' },
timeout: { value: 60000, reason: 'Execution timeout' }
}
};
Hardened Config Example
{
"gateway": {
"bind": "127.0.0.1",
"auth": {
"mode": "token",
"token": "\x3CGENERATE: crypto.randomBytes(32).toString('hex')>"
},
"tls": {
"enabled": true
},
"rateLimit": {
"enabled": true,
"max": 100,
"windowMs": 60000
}
},
"tools": {
"exec": {
"security": "allowlist",
"allowlist": ["ls", "cat", "grep", "find", "echo", "pwd"]
},
"fs": {
"workspaceOnly": true
}
},
"sandbox": {
"enabled": true,
"allowedPaths": ["/tmp", "~/workspace"],
"deniedPaths": ["/home", "/root", "/etc", "/var"],
"maxMemory": 512,
"timeout": 60000
},
"logging": {
"enabled": true,
"level": "info",
"auditLog": true
}
}
Security Scoring
Scoring Formula
SECURITY_SCORE = 100 - CONFIG_PENALTY - CREDENTIAL_PENALTY - PERMISSION_PENALTY - NETWORK_PENALTY
Where:
- CONFIG_PENALTY = CRITICAL*20 + HIGH*15 + MEDIUM*5
- CREDENTIAL_PENALTY = CRITICAL*25 + HIGH*15 + MEDIUM*5
- PERMISSION_PENALTY = CRITICAL*25 + HIGH*15 + MEDIUM*5
- NETWORK_PENALTY = CRITICAL*20 + HIGH*15 + MEDIUM*5
Score Classification
| Grade | Score | Color | Action |
|---|---|---|---|
| A+ | 95-100 | 🟢 | Excellent - Continue monitoring |
| A | 90-94 | 🟢 | Good - Minor improvements possible |
| B | 80-89 | 🟢 | Satisfactory - Address warnings |
| C | 70-79 | 🟡 | Fair - Fix within 1 week |
| D | 60-69 | 🟠 | Poor - Fix within 24 hours |
| F | 0-59 | 🔴 | Critical - Fix immediately |
Output Formats
Terminal Output (v3)
╔══════════════════════════════════════════════════════════════╗
║ 🔧 CLAWGUARD SECURITY CHECK REPORT v3.0.0 ║
╠══════════════════════════════════════════════════════════════╣
║ Instance: openclaw-abc123 ║
║ Time: YYYY-MM-DD HH:MM:SS ║
╚══════════════════════════════════════════════════════════════╝
▶ GATEWAY SECURITY [-35]
🔴 [CRITICAL] Gateway bind: 0.0.0.0 (exposed)
Fix: Set gateway.bind = "127.0.0.1"
🔴 [CRITICAL] Auth disabled
Fix: Set gateway.auth.mode = "token"
🟡 [HIGH] TLS not enabled
Fix: Set gateway.tls.enabled = true
▶ TOOLS SECURITY [-20]
🔴 [CRITICAL] Exec security: full
Fix: Set tools.exec.security = "allowlist"
and add: tools.exec.allowlist = ["ls", "cat", "grep", ...]
▶ SANDBOX [-15]
🟠 [HIGH] Sandbox disabled
Fix: Set sandbox.enabled = true
▶ CREDENTIALS [0]
✓ No exposed credentials
▶ PERMISSIONS [0]
✓ Config file mode 600
✓ Directory mode 700
╔══════════════════════════════════════════════════════════════╗
║ SECURITY GRADE: F (30/100) ║
╠══════════════════════════════════════════════════════════════╣
║ CRITICAL: 3 | HIGH: 2 | MEDIUM: 0 ║
╠══════════════════════════════════════════════════════════════╣
║ 🛡️ HARDENING RECOMMENDATION (v3) ║
║ ║
║ Run with --fix to generate hardened configuration: ║
║ node cli.js --fix ║
╚══════════════════════════════════════════════════════════════╝
v3 vs v2 Features
| Feature | v2 | v3 |
|---|---|---|
| Configuration Analysis | ✅ | ✅ |
| Credential Detection | ✅ | ✅ |
| Permission Modeling | ✅ | ✅ |
| Network Security | ✅ | ✅ |
| Log Forensics | ✅ | ✅ |
| Hardening Recommendations | ❌ | ✅ (v3) |
| One-Click Fix Generation | ❌ | ✅ (v3) |
| Automated Config Generation | ❌ | ✅ (v3) |
| Security Grade A-F | Basic | Enhanced (v3) |
ClawGuard Security Checker: Vigilant protection for your AI agents. 🔧
安全使用建议
This skill appears to be a legitimate local OpenClaw configuration and hardening checker. Before running: (1) review the code (especially the deep-check path) if you are cautious about what files will be read; (2) run without --deep and without --fix first to see the report; (3) do not run as root — run as the user who owns the OpenClaw config; (4) backup your config before applying any generated hardened config; (5) if you use the agent's autonomous invocation, be aware the README suggests auto-trigger phrases that could make the agent run checks when asked; limit that if you don't want automatic scans. Overall, the skill is coherent with its stated purpose.
功能分析
Type: OpenClaw Skill
Name: clawguard-checker
Version: 3.0.0
The bundle is a security configuration auditor for the OpenClaw platform designed to identify insecure settings and provide hardening recommendations. It analyzes 'openclaw.json', verifies file permissions for sensitive directories (e.g., ~/.ssh, ~/.aws), and checks for common misconfigurations like 0.0.0.0 bindings or disabled authentication. The implementation in src/checker.js and cli.js is transparent, contains no external network dependencies or obfuscation, and its behavior is strictly aligned with the stated purpose of security auditing.
能力评估
Purpose & Capability
Name/description (ClawGuard security checker) align with the included files (cli.js, src/checker.js), SKILL.md, and package.json. The code implements configuration, credential, network, and sandbox checks as described; no unrelated cloud credentials, binaries, or opaque external services are requested.
Instruction Scope
SKILL.md and the CLI direct the agent to read the OpenClaw config (~/.openclaw/openclaw.json), inspect config-related files, search for exposed secrets, check permissions (including SSH keys), and optionally run a deep check. Those actions are expected for a security auditor, but the 'search for exposed secrets' / 'deep' modes are somewhat open-ended and could read additional files (logs, .env files, etc.). Users should be aware deep mode may access other local files and keys.
Install Mechanism
No install spec that downloads remote archives or runs installers; package is distributed as source files (cli.js, src/checker.js, package.json) with no external dependencies. This minimizes install risk.
Credentials
The skill does not request environment variables, credentials, or external tokens. It inspects local configuration and files only, which is proportionate to its stated purpose. There are no unrelated secrets requested.
Persistence & Privilege
always: false and no special persistence or system-wide configuration changes are requested. The skill can be invoked autonomously by the agent by default (platform standard), but it does not request elevated privileges or permanent inclusion.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install clawguard-checker - 安装完成后,直接呼叫该 Skill 的名称或使用
/clawguard-checker触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v3.0.0
ClawGuard Security Checker v3 - Initial Release
- Provides enterprise-grade security posture assessment for OpenClaw environments.
- Performs advanced configuration analysis, runtime integrity verification, and permission modeling.
- Supports multi-layer credential exposure detection with enhanced pattern scanning.
- Offers comprehensive hardening recommendations with automated scoring and grading.
- Outputs clear, actionable security reports with scores, grades, detected issues, and custom recommendations.
元数据
常见问题
ClawGuard-Checker 是什么?
ClawGuard Security Checker v3 - Advanced configuration analysis, runtime integrity verification, permission modeling, and one-click hardening recommendations. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 105 次。
如何安装 ClawGuard-Checker?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install clawguard-checker」即可一键安装,无需额外配置。
ClawGuard-Checker 是免费的吗?
是的,ClawGuard-Checker 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
ClawGuard-Checker 支持哪些平台?
ClawGuard-Checker 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 ClawGuard-Checker?
由 stardreaming(@stardreaming)开发并维护,当前版本 v3.0.0。
推荐 Skills