← 返回 Skills 市场
OpenClaw Security Monitor
作者
Adrian Birzu
· GitHub ↗
· v5.3.2
· MIT-0
3169
总下载
6
收藏
25
当前安装
18
版本数
在 OpenClaw 中安装
/install openclaw-security-monitor
功能描述
Proactive security monitoring, threat scanning, and auto-remediation for OpenClaw deployments
安全使用建议
This project appears to be what it claims: a local security scanner and remediation toolkit. Before installing or running anything: 1) Review remediation scripts (scripts/remediate/*.sh) to understand what changes they perform; run remediate.sh only in --dry-run first. 2) Do not enable unattended remediation (OPENCLAW_ALLOW_UNATTENDED_REMEDIATE) on production systems without manual review. 3) Be aware scans read sensitive files (openclaw.json, SKILL.md, logs, potential ~/.ssh/.env); treat outputs as sensitive. 4) Inspect/update-ioc.sh and telegram-setup.sh to confirm which remote endpoints are contacted before allowing network access. 5) Verify the repository origin (https://github.com/adibirzu/openclaw-security-monitor) and consider running first in an isolated/non-production instance. If you want me to, I can scan specific scripts (e.g., remediate.sh, update-ioc.sh) for exact commands that modify files or contact remote hosts.
功能分析
Type: OpenClaw Skill
Name: openclaw-security-monitor
Version: 5.3.2
The bundle is a legitimate security monitoring and hardening utility for OpenClaw deployments. It provides a comprehensive suite of scripts (scan.sh, remediate.sh, update-ioc.sh) designed to detect and mitigate known threats such as the ClawHavoc malware campaign, credential stealers, and over 60 disclosed CVEs. The scanner logic uses grep-based pattern matching against local files and configurations, while the remediation scripts offer transparent fixes like securing file permissions (chmod 600) and blocking malicious domains via /etc/hosts. The tool follows security best practices by requiring explicit user opt-in for automated fixes (OPENCLAW_ALLOW_UNATTENDED_REMEDIATE) and providing a read-only web dashboard (server.js) for visibility without execution risk.
能力标签
能力评估
Purpose & Capability
Name/description (security monitoring, scanning, remediation) match the included assets: 41-point scanner, IOC lists, read-only dashboard, and remediation scripts. Requested binaries (bash, curl, node, lsof) and the brew node install are appropriate for a Node dashboard plus shell tooling.
Instruction Scope
Runtime instructions invoke local scripts under ~/.openclaw/workspace/skills/<skill-dir>/scripts/*.sh. The dashboard and scanner intentionally read OpenClaw state (logs, openclaw.json, other SKILL.md files, skills directory). This is expected for a security auditor but means the tool will read sensitive local files (gateway tokens, device files, memory/SOUL files) when run — review and consent before executing.
Install Mechanism
Installer clones the GitHub repo and makes scripts executable; the registry install entry only suggests installing node via brew. No opaque binary downloads or extract-from-arbitrary-URL installs were present in the manifest. Note: update-ioc and telegram setup scripts may fetch external IOC/alerting feeds (normal for this tool) — inspect their endpoints if you need to restrict network calls.
Credentials
The skill declares no required environment variables, which aligns with the manifest. However the scanner and remediation logic access sensitive local configuration and artifacts (.openclaw logs, openclaw.json, skill SKILL.md, ~/.ssh, ENV files referenced in checks). Access is proportionate to the security purpose but should be treated as high-sensitivity read access. Telegram/alerting features require tokens or webhooks (optional) that are not predeclared.
Persistence & Privilege
always:false and disable-model-invocation:true reduce autonomous blast radius. Persistence (cron) is strictly optional and requires explicit user action. The skill does include automated remediation scripts that can make system changes when you run them; unattended remediation requires an explicit env opt-in (OPENCLAW_ALLOW_UNATTENDED_REMEDIATE=1).
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-security-monitor - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-security-monitor触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v5.3.2
Patch v5.3.2 fixes PATH hijack false positives for normal Homebrew-managed binaries while keeping OpenClaw v2026.4.24 baseline and April 2026 advisory coverage.
v5.3.1
Update OpenClaw Security Monitor to v5.3.1: current recommended baseline v2026.4.24; refresh GitHub/skill metadata and keep April 2026 advisory coverage for setup-api.js cwd execution, webhook SecretRef replay, gateway config mutation guard bypass, dotenv connector/runtime overrides, MCP owner-context/tool-policy issues, OpenShell FS bridge escapes, and expanded ClawHub artifact scanning.
v5.3.0
Update OpenClaw Security Monitor to v5.3.0: current safe baseline v2026.4.23; adds April 21-24 advisory coverage for setup-api.js cwd execution, webhook SecretRef replay, gateway config mutation guard bypass, dotenv connector/runtime overrides, MCP owner-context/tool-policy issues, OpenShell FS bridge escapes, and expanded ClawHub skill artifact scanning.
v5.2.1
Finalize bundle-plugin support and keep corrected ClawHub metadata.
v5.2.0
Add bundle-plugin manifest, keep ClawHub metadata fixes, and preserve April 2026 threat coverage.
v5.1.1
Move requirements into metadata.openclaw, add registry-visible install metadata, and prepare for bundle-plugin publishing.
v5.1.0
Add April 2026 advisory coverage, raise safe baseline to v2026.4.15, and refresh IOC/update logic.
v4.2.1
v4.2.1: Safety posture hardening — removed curl|bash installer, IOC updates require interactive confirmation, no auto-installed persistence/symlinks/cron. Complete remediation guides for all 59 checks. Expanded Security & Transparency documentation.
v4.2.0
v4.2.0: Complete remediation guides for all 59 checks. Dashboard with IOC stats, skills list, check filters, remediation log. 8 new security checks (CVE-2026-28469, CVE-2026-28472, CVE-2026-32302, GHSA-7h7g, GHSA-vmhq, MCP tool poisoning, SANDWORM_MODE worm detection, rules file Unicode injection). 35+ CVEs, 40+ GHSAs, 1,200+ malicious packages.
v4.1.1
Fix ClawHub URL in issue, add IOC/skills/config panels to dashboard, expand README with CVE mapping table and threat intelligence sources.
v4.1.0
Remove child_process from dashboard to resolve ClawHub security flag. Dashboard is now read-only (no shell execution). Scans and remediation are CLI-only. Added install.sh for one-command setup. Updated README with all 59 checks.
v4.0.0
v4.0.0: 59-point scanner with 8 new checks (CVE-2026-28469, CVE-2026-28472, CVE-2026-32302, GHSA-7h7g, GHSA-vmhq, MCP tool poisoning, SANDWORM_MODE worm detection, rules file Unicode injection). 35+ CVEs, 40+ GHSAs, 1,200+ malicious packages.
v3.4.0
Add checks 37-40: PATH hijacking (GHSA-jqpq), env override injection (GHSA-82g8), macOS deep link truncation (CVE-2026-26320), log poisoning/WebSocket header injection. 40-point scanner with 8 new remediation scripts and 22 hardening recommendations.
v3.2.0
openclaw-security-monitor 3.2.0 changelog:
- Updated SKILL.md version to 3.2.0.
- No changes to functionality, commands, or usage documented.
- All previous features, instructions, and documentation remain unchanged.
v3.1.0
Major threat intel update: 9 new CVEs, expanded ClawHavoc (824+ skills), Vidar infostealer campaign, improved WebSocket check, 12 new threat sources. Minimum safe OpenClaw version now v2026.2.14.
v3.0.1
Clean re-publish: 32-point security scanner with per-check auto-remediation, web dashboard, IOC database, Telegram alerts
v3.0.0
Add 32 per-check remediation scripts with auto-fix and guidance modes, dashboard remediation UI with per-check and Remediate All buttons, fix dynamic check numbering,
expand .gitignore
v0.1.0
Initial release of openclaw-security-monitor: comprehensive security for OpenClaw deployments.
- Provides 32-point security scan, auto-remediation, and actionable exit codes.
- Real-time monitoring, daily automated scans, and centralized dashboard with process visualizations.
- Telegram alerting and detailed network IOC (Indicators of Compromise) checks included.
- Extensive remediation options: auto-fix, dry-run, per-check, or full coverage.
- Integrates threat intelligence from over 40 leading security sources and real-world attack research.
- Easy installation and seamless agent command integration via SKILL.md.
元数据
常见问题
OpenClaw Security Monitor 是什么?
Proactive security monitoring, threat scanning, and auto-remediation for OpenClaw deployments. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 3169 次。
如何安装 OpenClaw Security Monitor?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-security-monitor」即可一键安装,无需额外配置。
OpenClaw Security Monitor 是免费的吗?
是的,OpenClaw Security Monitor 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
OpenClaw Security Monitor 支持哪些平台?
OpenClaw Security Monitor 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(darwin, linux)。
谁开发了 OpenClaw Security Monitor?
由 Adrian Birzu(@adibirzu)开发并维护,当前版本 v5.3.2。
推荐 Skills