SecurityClaw

Security-first skill auditing and quarantine for OpenClaw skills. Use when installing new skills, reviewing skills from unknown sources, scanning skills for prompt injection/exfiltration/supply-chain risks, or when a bot suspects a skill is malicious. Guides static + optional sandbox checks, quarantines suspicious skills, and produces an owner-action checklist (Delete / Report / Allow / Scan all).

安装
$clawhub install securityclaw

SecurityClaw (Skill Scanner)

Use the scanner script

Run the scanner (read-only by default):

python3 scripts/securityclaw_scan.py --skills-dir ~/.openclaw/skills --out report.json

Quarantine anything suspicious (moves folders, no deletion):

python3 scripts/securityclaw_scan.py --skills-dir ~/.openclaw/skills --quarantine-dir ~/.openclaw/skills-quarantine --quarantine --out report.json

What to do when findings exist

If the report shows severity >= high for any skill:

1) Do not execute the skill. 2) Quarantine the skill folder. 3) Notify the owner with: - skill name - top reasons + file/line locations - recommended action 4) Await owner instruction: - Delete: remove quarantined skill - Report: prepare public report / IOCs (no secrets) - Allow: add allowlist entry and restore - Scan all: deep scan everything

Optional: sandbox/dynamic checks (advanced)

Dynamic checks are optional and should run only after owner approval.

  • Prefer running unknown code with:
    • no network egress
    • read-only filesystem except a temp workspace
    • no access to OpenClaw config/secrets

See references/sandboxing.md.

Files

  • scripts/securityclaw_scan.py — main scanner + quarantine

  • references/rules.md — rule catalog (what we flag and why)

  • references/sandboxing.md — safe sandbox strategy + what to avoid

详情

版本
v1.0.0
下载
1,527
星标
2
ClawHub
在 ClawHub 查看

热门 Skills

ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linking related objects, enforcing constraints, planning multi-step actions as graph transformations, or when skills need to share state. Trigger on "remember", "what do I know about", "link X to Y", "show dependencies", entity CRUD, or cross-skill data access.
Auto-Updater Skill
Automatically update Clawdbot and all installed skills once daily. Runs via cron, checks for updates, applies them, and messages the user with a summary of what changed.
Gmail
Gmail API integration with managed OAuth. Read, send, and manage emails, threads, labels, and drafts. Use this skill when users want to interact with Gmail. For other third party apps, use the api-gateway skill (https://clawhub.ai/byungkyu/api-gateway).