← 返回 Skills 市场
128
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install openclaw-hardening
功能描述
Secure an OpenClaw server with host hardening, chainwatch runtime safety, pastewatch secret redaction, and noisepan+entropia news intelligence. Use when sett...
安全使用建议
This SKILL.md is coherent with a hardening tool, but it asks you to perform high‑privilege, persistent changes and to install third‑party binaries via curl/untar without integrity checks. Before running these instructions: 1) Review the upstream repositories (ppiankov/chainwatch and pastewatch) and their release artifacts; verify checksums/signatures when available. 2) Avoid piping unknown scripts into sudo — download and inspect them first. 3) Audit the systemd unit and binary contents you will install. 4) Backup configuration and test in a nonproduction instance. 5) Confirm you trust the maintainer and that the tool’s behavior (intercepting all LLM API traffic and accessing local config.env) is acceptable for your environment. 6) Prefer package manager installs or signed releases where possible, and consider limiting scope (non‑root, containerized testing) until you’ve validated behavior.
功能分析
Type: OpenClaw Skill
Name: openclaw-hardening
Version: 2.1.0
The skill bundle performs extensive system-level modifications, including SSH hardening, firewall configuration, and the installation of multiple third-party security tools (chainwatch, pastewatch, noisepan) via high-risk methods like 'curl | bash' and direct binary downloads from GitHub (github.com/ppiankov). While these tools are presented as hardening measures, they implement a non-bypassable intercept proxy for LLM traffic and kernel-level monitoring (eBPF), granting the tools significant control over the environment and sensitive API communications. The combination of high-privilege operations and reliance on unverified remote binaries in SKILL.md constitutes a significant security risk despite the stated protective intent.
能力评估
Purpose & Capability
The name/description (host hardening, command safety, secret redaction) aligns with the actions in SKILL.md: SSH hardening, firewall, fail2ban, installing chainwatch/pastewatch, and registering skills. Nothing obviously unrelated is requested, but the skill asks for full root/sudo and to install persistent intercept/proxy services — which is consistent with its goals but is a high‑impact set of operations.
Instruction Scope
The runtime instructions require root, modify systemd services, edit sshd_config, change firewall rules, copy libraries into /usr/lib, and instruct routing the agent's LLM traffic through an intercept proxy. Those steps go beyond simple configuration tweaks and grant the tool broad control of network flows and local secrets. The instructions also include curl|sudo bash one‑liners and automatic placement of skill files into ~/.openclaw — all high‑impact operations that should be reviewed before running.
Install Mechanism
Although there is no declared install spec in the registry, the SKILL.md includes direct download and install steps: curl | sudo bash from raw.githubusercontent.com, direct GitHub release binaries written to /usr/local/bin, and unpacking the Swift runtime and copying libs into /usr/lib without checksum verification. These are legitimate ways to install tools but are supply‑chain risky and lack integrity checks — flagged as high risk by policy.
Credentials
The skill declares no required env vars but instructs setting ANTHROPIC_BASE_URL/OPENAI_BASE_URL and claims to intercept agent API traffic and local config.env. Pastewatch will scan many secret types and read/write files to replace placeholders. Access to local secrets and config files is relevant to redaction/hardening, but the scope is broad and the SKILL.md does not explicitly require or describe safeguards (e.g., checksums, least privilege), so exercise caution.
Persistence & Privilege
The skill creates persistent artifacts (systemd service, binaries in /usr/local/bin, skill files in ~/.openclaw/skills) which is expected for tooling that enforces runtime policies. It does not set always:true and does not itself request modification of other skills' configs. Persistent services that intercept LLM traffic are a significant privilege but not inherently incoherent with the stated purpose.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-hardening - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-hardening触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.1.0
Added ContextSpectre proxy layer (noise stripping) to defense-in-depth chain
v2.0.0
v2.0: Added Layer 5 eBPF enforce (seccomp containment), pastewatch proxy chain, observe audit, updated architecture diagram
元数据
常见问题
OpenClaw Hardening 是什么?
Secure an OpenClaw server with host hardening, chainwatch runtime safety, pastewatch secret redaction, and noisepan+entropia news intelligence. Use when sett... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 128 次。
如何安装 OpenClaw Hardening?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-hardening」即可一键安装,无需额外配置。
OpenClaw Hardening 是免费的吗?
是的,OpenClaw Hardening 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
OpenClaw Hardening 支持哪些平台?
OpenClaw Hardening 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OpenClaw Hardening?
由 ppiankov(@ppiankov)开发并维护,当前版本 v2.1.0。
推荐 Skills