Dont Hack Me

別駭我!基本安全檢測 — Security self-check for Clawdbot/Moltbot. Run a quick audit of your clawdbot.json to catch dangerous misconfigurations — exposed gateway, missing auth, open DM policy, weak tokens, loose file permissions. Auto-fix included. Invoke: "run a security check" or "幫我做安全檢查".

설치
$clawhub install dont-hack-me

dont-hack-me

Security self-check skill for Clawdbot / Moltbot. Reads ~/.clawdbot/clawdbot.json and checks 7 items that cover the most common misconfigurations. Outputs a simple PASS / FAIL / WARN report.

How to run

Say any of:

  • "run a security check"
  • "check my security settings"
  • "audit my clawdbot config"
  • "am I secure?"

Checklist — step by step

When this skill is triggered, follow these steps exactly:

Step 0 — Read the config

Use the read tool to open ~/.clawdbot/clawdbot.json. Parse the JSON content. If the file does not exist or is unreadable, report an error and stop.

Also run a shell command to get the file permissions: stat -f '%Lp' ~/.clawdbot/clawdbot.json (On Linux: stat -c '%a' ~/.clawdbot/clawdbot.json)

Step 1 — Gateway Bind

  • Path: gateway.bind
  • Expected: "loopback" or "localhost" or "127.0.0.1" or "::1"
  • PASS if the value is one of the above or the key is absent (default is "loopback")
  • FAIL if the value is "0.0.0.0", "::", or any non-loopback address
  • Severity: CRITICAL — a non-loopback bind exposes your agent to the network

Step 2 — Gateway Auth Mode

  • Path: gateway.auth.mode
  • Expected: "token" or "password"
  • PASS if the value is "token" or "password", or the key is absent (default is "token")
  • FAIL if the value is "off" or "none"
  • Severity: CRITICAL — without auth anyone who can reach the gateway can control your agent

Step 3 — Token Strength

  • Path: gateway.auth.token
  • Expected: 32 or more characters
  • PASS if the token is >= 32 characters
  • WARN if the token is 16–31 characters
  • FAIL if the token is < 16 characters or empty
  • SKIP if auth mode is "password" (passwords are user-chosen, don't judge length)
  • Severity: HIGH — short tokens are vulnerable to brute-force

Step 4 — DM Policy (per channel)

  • Path: channels.<name>.dmPolicy for each channel
  • Expected: "pairing" — or if "open", there must be a non-empty allowFrom array
  • PASS if dmPolicy is "pairing", or if allowFrom has at least one entry
  • FAIL if dmPolicy is "open" and allowFrom is missing or empty
  • SKIP if no channels are configured
  • Severity: HIGH — an open DM policy lets anyone send commands to your agent

Step 5 — Group Policy (per channel)

  • Path: channels.<name>.groupPolicy for each channel
  • Expected: "allowlist"
  • PASS if groupPolicy is "allowlist" or absent (default is "allowlist")
  • FAIL if groupPolicy is "open" or "any"
  • SKIP if no channels are configured
  • Severity: HIGH — non-allowlist group policy lets any group trigger your agent

Step 6 — File Permissions

  • Check: file mode of ~/.clawdbot/clawdbot.json
  • Expected: 600 or 400 (owner read/write only)
  • PASS if permissions are 600 or 400
  • WARN if permissions are 644 or 640 (group/other can read)
  • FAIL if permissions are 777, 755, 666, or anything world-writable
  • Severity: MEDIUM — loose permissions let other users on the system read your tokens

Step 7 — Plaintext Secrets Scan

  • Check: scan all string values in the JSON for keys named password, secret, apiKey, api_key, privateKey, private_key (case-insensitive) that contain a non-empty string value
  • PASS if no such keys are found
  • WARN if such keys exist — remind the user to consider using environment variables or a secrets manager
  • Note: token fields used for gateway auth are expected and should NOT be flagged
  • Severity: MEDIUM — plaintext secrets in config files can be leaked through backups, logs, or version control

Output format

After completing all checks, output a report in this exact format:

🔒 Security Check Report

1. Gateway Bind        <ICON> <STATUS> — <detail>
2. Gateway Auth        <ICON> <STATUS> — <detail>
3. Token Strength      <ICON> <STATUS> — <detail>
4. DM Policy           <ICON> <STATUS> — <detail>
5. Group Policy        <ICON> <STATUS> — <detail>
6. File Permissions    <ICON> <STATUS> — <detail>
7. Secrets Scan        <ICON> <STATUS> — <detail>

Score: X/7 PASS, Y WARN, Z FAIL

Where: - <ICON> is one of: ✅ (PASS), ⚠️ (WARN), ❌ (FAIL), ⏭️ (SKIP) - <STATUS> is one of: PASS, WARN, FAIL, SKIP - <detail> is a short explanation (e.g., "loopback", "token mode", "48 chars", "permissions 600")

Auto-fix flow

If any item is FAIL or WARN, do the following:

  1. Show the report first (as above).
  2. List each fixable item with a short description of what will be changed.
  3. Ask the user: "Want me to fix these? (yes / no / pick)"
    • yes — fix all FAIL and WARN items automatically.
    • no — stop, do nothing.
    • pick — let the user choose which items to fix.
  4. Apply the fixes (see Fix recipes below).
  5. After applying, re-read the config and re-run the full check to confirm everything is PASS.
  6. If the config was changed, remind the user: "Run clawdbot gateway restart to apply the new settings."

Fix recipes

Use these exact fixes for each item. Edit ~/.clawdbot/clawdbot.json using the edit/write tool.

#1 Gateway Bind — FAIL

Set gateway.bind to "loopback": json { "gateway": { "bind": "loopback" } }

#2 Gateway Auth — FAIL

Set gateway.auth.mode to "token". If no token exists yet, also generate one: json { "gateway": { "auth": { "mode": "token", "token": "<GENERATED>" } } } Generate the token with: bash openssl rand -hex 24 That produces a 48-character hex string (192-bit entropy).

#3 Token Strength — FAIL / WARN

Replace the existing token with a new strong one: bash openssl rand -hex 24 Write the output into gateway.auth.token.

#4 DM Policy — FAIL

Set dmPolicy to "pairing" for each affected channel: json { "channels": { "<name>": { "dmPolicy": "pairing" } } }

#5 Group Policy — FAIL

Set groupPolicy to "allowlist" for each affected channel: json { "channels": { "<name>": { "groupPolicy": "allowlist" } } }

#6 File Permissions — FAIL / WARN

Run: bash chmod 600 ~/.clawdbot/clawdbot.json

#7 Secrets Scan — WARN

This one cannot be auto-fixed safely. Instead, list each flagged key and remind the user: - Move the value to an environment variable - Or use a secrets manager - Reference it in the config as "$ENV_VAR_NAME" if the platform supports it

Important rules for auto-fix

  • Always back up first. Before writing any changes, copy the original: bash cp ~/.clawdbot/clawdbot.json ~/.clawdbot/clawdbot.json.bak
  • Merge, don't overwrite. Read the full JSON, modify only the specific keys, write back the complete JSON. Never lose existing settings.
  • Preserve formatting. Write the JSON with 2-space indentation.
  • One write operation. Collect all JSON fixes, apply them in a single write to avoid partial states.
  • Token replacement requires restart. If the gateway token was changed, the user must update any paired clients with the new token. Warn: "Your gateway token was changed. Any paired devices will need the new token to reconnect."

What this skill does NOT check

  • Sandbox configuration (not needed for most setups)
  • Network isolation / Docker (macOS native setups don't use it)
  • MCP tool permissions (too complex for a basic audit)
  • Whether your OS firewall is configured
  • Whether your agent code has vulnerabilities

For a more comprehensive audit, see community tools like clawdbot-security-check.

Reference

Based on the community-compiled "Top 10 Clawdbot/Moltbot Security Vulnerabilities" list. Covers 7 of the 10 items that apply to typical macOS-native deployments.

小安 Ann Agent — Taiwan 台灣 Building skills and local MCP services for all AI agents, everywhere. 為所有 AI Agent 打造技能與在地 MCP 服務,不限平台。

세부 정보

버전
v1.0.1
다운로드
3,863
별점
25
ClawHub
ClawHub에서 보기

인기 Skills

Larry
Automate TikTok slideshow marketing for any app or product. Researches competitors, generates AI images, adds text overlays, posts via Postiz, tracks analytics, and iterates on what works. Use when setting up TikTok marketing automation, creating slideshow posts, analyzing post performance, optimizing app marketing funnels, or when a user mentions TikTok growth, slideshow ads, or social media marketing for their app. Covers competitor research (browser-based), image generation, text overlays, TikTok posting (Postiz API), cross-posting to Instagram/YouTube/Threads, analytics tracking, hook testing, CTA optimization, conversion tracking with RevenueCat, and a full feedback loop that adjusts hooks and CTAs based on views vs conversions.
API Gateway
Connect to 100+ APIs (Google Workspace, Microsoft 365, GitHub, Notion, Slack, Airtable, HubSpot, etc.) with managed OAuth. Use this skill when users want to interact with external services. Security: The MATON_API_KEY authenticates with Maton.ai but grants NO access to third-party services by itself. Each service requires explicit OAuth authorization by the user through Maton's connect flow. Access is strictly scoped to connections the user has authorized. Provided by Maton (https://maton.ai).
Calendly
Calendly API integration with managed OAuth. Access event types, scheduled events, invitees, availability, and manage webhooks. Use this skill when users want to view scheduling data, check availability, book meetings, or integrate with Calendly workflows. For other third party apps, use the api-gateway skill (https://clawhub.ai/byungkyu/api-gateway).