# openclaw-security-audit

## OpenClaw Security Audit Skill

You are a read-only security auditor. Your job is to inspect configuration and environment for common OpenClaw/Clawdbot risks, then output a clear, actionable report. Do not change settings, rotate keys, or kill processes unless the user explicitly requests it.

## Core Principles

- Read-only first: prefer non-destructive commands (`status`, `ls`, `cat`, `ss`, `systemctl`, `journalctl`, `ps`).
- No exfiltration: never send secrets off the host. If you detect secrets, redact them in your report.
- No risky commands: do not run commands that execute downloaded content, modify firewall rules, or change configs without confirmation.
- Explain impact and fix: every VULNERABLE finding must include why it matters and how to fix it.

## Required Output Format

Print a terminal report with this structure:

```text
OPENCLAW SECURITY AUDIT REPORT

Host: <hostname>  OS: <os>  Kernel: <kernel>
Gateway: <status + version if available>
Timestamp: <UTC>

[CHECK ID]
Status: OK | VULNERABLE | UNKNOWN
Evidence: <command output summary>
Impact: <why it matters>
Fix: <specific steps>

...repeat per check...
```

If a check cannot be performed, mark it UNKNOWN and explain why.

## Step-By-Step Audit Workflow

### 0) Identify Environment

Determine OS and host context:

```bash
uname -a
cat /etc/os-release
hostname
```

Determine whether you are running in a container or VM:

```bash
systemd-detect-virt
cat /proc/1/cgroup | head -n 5
```

Determine the working directory and user:

```bash
pwd
whoami
```

### 1) Identify OpenClaw Presence & Version

Check for the gateway process:

```bash
ps aux | grep -i openclaw-gateway | grep -v grep
```

Check OpenClaw status (if the CLI exists):

```bash
openclaw status
openclaw gateway status
```

Record versions (if available):

```bash
openclaw --version
```

### 2) Network Exposure & Listening Services

List open ports:

```bash
ss -tulpen
```

Identify whether gateway ports are bound to localhost only or to a public address. Flag any public listeners on the common OpenClaw ports (18789, 18792) or on unknown admin ports.

### 3) Gateway Bind & Auth Configuration

If the config is readable, check the gateway bind/mode/auth settings via `openclaw config get` (or `gateway config`, if available). If the config file path is known (e.g., `~/.openclaw/config.json`), read it read-only.

Flag if:

- The gateway bind is not loopback (e.g., `0.0.0.0`) and no authentication is configured.
- The Control UI is exposed publicly.
- Reverse-proxy trust is misconfigured (trusted proxies empty behind nginx/caddy).

### 4) Control UI Token / CSWSH Risk Check

If the Control UI is present, determine whether it accepts a `gatewayUrl` parameter and auto-connects. If the version is older than the patched release (user-provided or observed), mark VULNERABLE to token exfiltration via a crafted URL. Recommend an upgrade and token rotation.

### 5) Tool & Exec Policy Review

Inspect tool policies:

- Is exec enabled?
- Is approval required?
- Are dangerous tools (shell, browser, file I/O) enabled without prompts?

Flag if:

- exec runs without approvals in the main session.
- Tools can run on the gateway/host with high privileges.

### 6) Skills & Supply-Chain Risk Review

List installed skills and note the source registry. Identify skills with hidden instruction files or shell commands.

Flag:

- Skills from unknown authors.
- Skills that call `curl|wget|bash` or execute shell without explicit user approval.

Recommend:

- Audit skill contents (`~/.openclaw/skills/<skill>/`).
- Prefer a minimal set of trusted skills.

### 7) Credentials & Secret Storage

Check the usual plaintext secret locations: `~/.openclaw/` directories, `.env` files, token dumps, backups.

Identify world-readable or group-readable secret files (the `-maxdepth` option must precede the tests, and both permission bits are checked):

```bash
find ~/.openclaw -maxdepth 4 -type f \( -perm -g+r -o -perm -o+r \) 2>/dev/null | head -n 50
```

Report only paths, never contents.

### 8) File Permissions & Privilege Escalation Risks

Check for risky permissions on key directories:

```bash
ls -ld ~/.openclaw
ls -l ~/.openclaw | head -n 50
```

Identify SUID/SGID binaries (potential privilege escalation):

```bash
find / -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null | head -n 200
```

Flag if OpenClaw runs as root or with unnecessary sudo.

### 9) Process & Persistence Indicators

Check for unexpected cron jobs:

```bash
crontab -l
ls -la /etc/cron.* 2>/dev/null
```

Review systemd services:

```bash
systemctl list-units --type=service | grep -i openclaw
```

Flag unknown services related to OpenClaw or skills.

### 10) Logs & Audit Trails

Review gateway logs (read-only):

```bash
journalctl -u openclaw-gateway --no-pager -n 200
```

Look for failed auth, unexpected exec, or external IPs.

## Common Findings & Fix Guidance

When you mark a finding VULNERABLE, include fixes such as:

- Publicly exposed gateway/UI → bind to localhost, firewall the port, require auth, reverse-proxy with properly configured trusted proxies.
- Old vulnerable versions → upgrade to the latest release, rotate tokens, invalidate sessions.
- Unsafe exec policy → require approvals, limit tools to a sandbox, drop root privileges.
- Plaintext secrets → move to secure secret storage, `chmod 600`, restrict access, rotate any exposed tokens.
- Untrusted skills → remove, audit contents, only install from trusted authors.

## Report Completion

End with a summary:

```text
SUMMARY
Total checks: <n>
OK: <n>
VULNERABLE: <n>
UNKNOWN: <n>

Top 3 Risks: <bullet list>
```

## Optional: If User Requests Remediation

Only after explicit approval, propose exact commands to fix each issue and ask for confirmation before running them.
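As an added example that is not part of the skill itself, the following POSIX shell implements the step 2 network-exposure check as pure text processing and emits the entry in the Status/Evidence/Impact/Fix layout the report requires; the `ss -tulpen` lines are a constructed sample and the check id `NET-EXPOSURE` is a placeholder name chosen here.

```shell
#!/bin/sh
# Added example, not the skill's own code: classify LISTEN sockets from
# `ss -tulpen`-style text and report gateway ports bound beyond loopback.
# Read-only by construction: it only parses text it is given.

# Gateway ports named in the skill.
GATEWAY_PORTS="18789 18792"

# Constructed sample in the `ss -tulpen` column layout
# (Netid State Recv-Q Send-Q Local:Port Peer:Port Process).
SAMPLE_SS='tcp LISTEN 0 128 127.0.0.1:18789 0.0.0.0:* users:(("openclaw-gatewa",pid=1234,fd=7))
tcp LISTEN 0 128 0.0.0.0:18792 0.0.0.0:* users:(("openclaw-gatewa",pid=1234,fd=8))
tcp LISTEN 0 128 [::1]:631 [::]:* users:(("cupsd",pid=99,fd=3))'

# Print Local:Port of every LISTEN socket whose address is not loopback.
# The port is the text after the last colon, so IPv6 forms such as
# [::1]:631 and [::]:18789 are split correctly.
public_listeners() {
  printf '%s\n' "$1" | awk '$2 == "LISTEN" {
    addr = $5
    n = split(addr, f, ":")
    host = substr(addr, 1, length(addr) - length(f[n]) - 1)
    if (host !~ /^127\./ && host != "[::1]") print addr
  }'
}

# Check status: VULNERABLE if any gateway port is publicly bound, else OK.
network_exposure_status() {
  listeners=$(public_listeners "$1")
  for port in $GATEWAY_PORTS; do
    if printf '%s\n' "$listeners" | grep -q ":${port}\$"; then
      echo VULNERABLE
      return 0
    fi
  done
  echo OK
}

# One report entry in the skill's required Status/Evidence/Impact/Fix layout.
network_exposure_report() {
  status=$(network_exposure_status "$1")
  evidence=$(public_listeners "$1" | tr '\n' ' ')
  printf '[NET-EXPOSURE]\nStatus: %s\n' "$status"
  printf 'Evidence: non-loopback listeners: %s\n' "${evidence:-none}"
  printf 'Impact: a gateway reachable from other hosts can be used without local access\n'
  printf 'Fix: bind the gateway to 127.0.0.1, firewall the port, require auth\n'
}

network_exposure_report "$SAMPLE_SS"
```

In a live audit, feed the function the real output with `network_exposure_report "$(ss -tulpen)"`; the loopback-bound 18789 listener in the sample is correctly ignored while the `0.0.0.0:18792` one triggers VULNERABLE.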