Comprehensive security audit for OpenClaw. Scans 7 domains (runtime, channels, agents, cron, skills, sessions, network), supports 3 expertise levels, context-aware analysis, and visual dashboard. Read
Real data. Real impact.
Emerging
Developers
Per week
Open source
Skills give you superpowers. Install in 30 seconds.
Comprehensive security audit skill for OpenClaw deployments. Analyzes configuration, permissions, exposure risks, and runtime environment with context-aware recommendations.
secucheck performs read-only security audits of your OpenClaw setup:
Never modifies configuration automatically. All fixes require explicit user confirmation.
clawhub install secucheck
Ask your OpenClaw agent:
When prompted, choose your level:
All levels run the same checksβonly explanation depth varies.
"show dashboard" / "visual report"
Opens an HTML report in your browser.
π Security Audit Resultsπ‘ Needs Attention
Severity Count π΄ Critical 0 π High 0 π‘ Medium 2 π’ Low 3 π‘ Agent "molty": exec + external content processing
...
Everything below is for the agent executing this skill.
Trigger this skill when:
| Level | Identifier | Style |
|---|---|---|
| Beginner | | Analogies, simple explanations, no jargon |
| Intermediate | | Technical details, config examples |
| Expert | | Attack vectors, edge cases, CVE references |
Present options in user's language. Example (English):
What level of technical detail do you prefer?
- π± Beginner - I'll explain simply with analogies
- π» Intermediate - Technical details and config examples
- π Expert - Include attack vectors and edge cases
π All levels run the same checksβonly explanation depth varies.
STOP HERE. Wait for user response.
bash ~/.openclaw/skills/secucheck/scripts/full_audit.sh
Returns JSON with findings categorized by severity.
Parse JSON output and format based on user's expertise level. Final report must be in user's language.
π Security Audit Resultsπ Summary Table
Severity Count π΄ Critical X ... β‘ Runtime
- [findings related to RUNTIME category]
π€ Agents
- [findings related to AGENT category]
π Workspace
- [findings related to WORKSPACE category]
𧩠Skills
- [findings related to SKILL category]
π’ Channels
- [findings related to CHANNEL category]
π Network
[findings related to NETWORK category]
Group findings by their
categoryAfter text report, automatically generate and serve dashboard:
bash ~/.openclaw/skills/secucheck/scripts/serve_dashboard.sh
The script returns JSON with
urllocal_urlurlExample:
π λμ보λλ μ΄μμ΄μ: http://192.168.1.200:8766/secucheck-report.html
If running in environment where browser can be opened, use browser tool to open it.
Scripts run on Linux, macOS, and WSL. Check the JSON output for platform info:
{ "os": "linux", "os_variant": "ubuntu", "in_wsl": false, "in_dsm": false, "failed_checks": ["external_ip"] }
| Field | Values |
|---|---|
| |
| |
| |
| |
If
failed_checks| Platform | Command |
|---|---|
| Linux | |
| macOS | |
| WSL | |
| Windows | PowerShell: |
| DSM | |
| Platform | Command |
|---|---|
| Linux | |
| macOS | |
| Windows | PowerShell: |
| Platform | Command |
|---|---|
| Linux/macOS | |
| Windows | PowerShell: |
If
oswindows# Network exposure Get-NetTCPConnection -LocalPort 18789 -State ListenFile permissions
Get-Acl "$env:USERPROFILE.openclaw"
Process info
Get-Process | Where-Object {$_.Name -like "openclaw"}
Some environments lack tools. Check output and supplement:
| Missing Tool | Fallback |
|---|---|
| |
| |
| |
| |
1. Run full_audit.sh 2. Check "failed_checks" in output 3. For each failed check: a. Identify platform from os/os_variant b. Run platform-specific fallback command c. Incorporate results into report 4. Note any checks that couldn't complete
When user requests visual report:
bash ~/.openclaw/skills/secucheck/scripts/serve_dashboard.sh
Returns:
{ "status": "ok", "url": "http://localhost:8766/secucheck-report.html", "pid": 12345 }
Provide URL directly to user.
Read these only when deep explanation needed:
| File | Domain |
|---|---|
| Live system state |
| Channel policies |
| Agent permissions |
| Scheduled jobs |
| Installed skills |
| Session isolation |
| Network configuration |
Use these for expert-level explanations:
| File | Scenario |
|---|---|
| External content manipulation |
| Cross-session data exposure |
| Tool permission abuse |
| Secret leakage |
| Access control bypass |
π΄ Critical - Immediate action required. Active exploitation possible. π High - Significant risk. Should fix soon. π‘ Medium - Notable concern. Plan to address. π’ Low - Minor issue or best practice recommendation. βͺ Info - Not a risk, but worth noting.
Tool Permissions Minimal Full ββββββββββββ¬βββββββββββ Exposure β π’ β π‘ β Low β Safe β Caution β ββββββββββββΌβββββββββββ€ β π‘ β π΄ β High β Caution β Critical β ββββββββββββ΄βββββββββββExposure = Who can talk to the bot (DM policy, group access, public channels) Tool Permissions = What the bot can do (exec, file access, messaging, browser)
Don't just pattern match. Consider context:
| Context | Adjustment |
|---|---|
| Private channel, 2-3 trusted members | Lower risk even with exec |
| VPN/Tailscale only access | Network exposure less critical |
| Self-hosted, single user | Session isolation less important |
| Containerized environment | Privilege escalation less severe |
Always ask about environment if unclear.
CRITICAL RULES:
Example flow:
Agent: "Changing this setting will disable exec in #dev channel. If you're using code execution there, it will stop working. Apply this fix?" User: "yes" Agent: [apply fix via gateway config.patch]
Invoke automatically when:
clawhub install <skill>For auto-reviews, focus only on changed component unless full audit requested.
| User Request | Action |
|---|---|
| "check channels only" | Run channels.md check |
| "audit cron jobs" | Run cron.md check |
| "full audit" | All checks |
| "more detail" | Re-run with verbose output |
Apply appropriate trust levels:
| Level | Entity | Trust Model |
|---|---|---|
| 1 | Owner | Full trust β has all access |
| 2 | AI Agent | Trust but verify β sandboxed, logged |
| 3 | Allowlists | Limited trust β specified users only |
| 4 | Strangers | No trust β blocked by default |
If compromise suspected:
~/.openclaw/skills/secucheck/ βββ SKILL.md # This file βββ skill.json # Package metadata βββ README.md # User documentation βββ scripts/ β βββ full_audit.sh # Complete audit (JSON output) β βββ runtime_check.sh # Live system checks β βββ gather_config.sh # Config extraction (redacted) β βββ gather_skills.sh # Skill security scan β βββ gather_agents.sh # Agent configurations β βββ serve_dashboard.sh # Generate + serve HTML report β βββ generate_dashboard.sh βββ dashboard/ β βββ template.html # Dashboard template βββ checks/ β βββ runtime.md # Runtime interpretation β βββ channels.md # Channel policy checks β βββ agents.md # Agent permission checks β βββ cron.md # Cron job checks β βββ skills.md # Skill safety checks β βββ sessions.md # Session isolation β βββ network.md # Network exposure βββ scenarios/ β βββ prompt-injection.md β βββ session-leak.md β βββ privilege-escalation.md β βββ credential-exposure.md β βββ unauthorized-access.md βββ templates/ βββ report.md # Full report template βββ finding.md # Single finding template βββ summary.md # Quick summary template
When auditing, consider:
Remember: This skill exists to make OpenClaw self-aware of its security posture. Use regularly, extend as needed, never skip the audit.
No automatic installation available. Please visit the source repository for installation instructions.
View Installation Instructions
1,500+ AI skills, agents & workflows. Install in 30 seconds. Part of the Torly.ai family.
Β© 2026 Torly.ai. All rights reserved.