test0413-6348

Security audit + append-only logging + monitoring for OpenClaw skills (file-level diff, baseline approval, SHA-256 integrity).

This tool appears coherent: it will read your whole skills workspace, snapshot contents into a local git repo, and append audit entries to ~/.openclaw/skills-audit/logs.ndjson. Before enabling automated monitoring or cron-based notifications you should: (1) run the init and a manual scan yourself and inspect ~/.openclaw/skills-audit/logs.ndjson and snapshots to confirm what will be collected; (2) confirm that no secrets (API keys, private keys, credentials) are stored inside skills you don't want logged — the scanner will read any files under the skills tree and may include snippets in logs; (3) review and customize templates/notify.txt so external notifications do not leak sensitive diffs, and only create cron jobs after you explicitly approve the command and delivery channel; (4) if you prefer, run the scanner in an isolated environment for the first pass. The code uses only standard-library modules and git, so there are no hidden external dependencies in the package itself.

Type: OpenClaw Skill Name: test0413-6348 Version: 1.5.3 This skill is a security auditing and monitoring framework designed to perform static analysis and integrity tracking of other OpenClaw skills. It uses Python scripts (skills_audit.py and skills_watch_and_notify.py) to maintain a local git-based snapshot of the workspace, generate append-only audit logs (NDJSON), and detect high-risk patterns such as shell injection or data exfiltration signatures defined in its configuration files. The instructions in SKILL.md are defensive, explicitly directing the AI agent to avoid automatically creating persistence (cron jobs) and to prioritize safe summaries over raw data exposure to prevent accidental leakage of sensitive information found in file diffs.