OpenClaw Security Guard

A comprehensive security tool for OpenClaw users to protect their AI assistant.

Features

🔍 Security Audit - Comprehensive security configuration check
🔐 Secret Scanner - Detect exposed API keys and tokens
👥 Access Control - Manage devices, users, and permissions
🔑 Token Manager - Rotate and validate tokens
📊 Security Report - Generate detailed security reports
🛡️ Hardening - Apply security best practices

Requirements

Python 3.6+
No external dependencies (uses stdlib)

Commands

# Run security audit
python3 {baseDir}/scripts/main.py audit

# Scan for secrets
python3 {baseDir}/scripts/main.py scan

# Generate report
python3 {baseDir}/scripts/main.py report --format md

# Check token status
python3 {baseDir}/scripts/main.py token status

# Access control
python3 {baseDir}/scripts/main.py access list

# Security hardening
python3 {baseDir}/scripts/main.py harden --fix

# Quick status check
python3 {baseDir}/scripts/main.py status

Options

--format, -f <format>    Output format: json, md, table (default: table)
--lang, -l <lang>        Language: en, zh (default: auto-detect)
--quiet, -q              Quiet mode, only output results
--verbose, -v            Verbose output
--output, -o <file>      Output file path
--deep                   Deep scan mode
--fix                    Auto-fix issues where possible

Security Checks

Category	Checks
Config	Gateway bind, auth mode, token strength
Secrets	API keys, tokens, passwords, private keys
Access	Devices, users, channels, sessions
Network	Public exposure, open ports

Examples

# Full audit with auto-fix
python3 {baseDir}/scripts/main.py audit --deep --fix

# Generate markdown report
python3 {baseDir}/scripts/main.py report --format md -o security.md

# Scan for specific pattern
python3 {baseDir}/scripts/main.py scan --pattern "sk-"

# List all paired devices
python3 {baseDir}/scripts/main.py access devices

# Generate JSON report
python3 {baseDir}/scripts/main.py report --format json

Output Formats

Table (default)

🔐 OpenClaw Security Guard v1.0.0
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

📊 Security Score: 72/100 ⚠️

🔴 HIGH RISK
  • API Key exposed in config file
    Location: ~/.openclaw/openclaw.json:15

JSON

{
  "score": 72,
  "findings": [...]
}

Markdown

# Security Report
**Score**: 72/100

Languages

English (en)
中文 (zh)

Auto-detected based on system locale.

License

MIT

Version

v1.0.0

Features

🔍 Security Audit - Comprehensive security configuration check

🔐 Secret Scanner - Detect exposed API keys and tokens

👥 Access Control - Manage devices, users, and permissions

🔑 Token Manager - Rotate and validate tokens

📊 Security Report - Generate detailed security reports

🛡️ Hardening - Apply security best practices

Commands

# Run security audit python3 {baseDir}/scripts/main.py audit # Scan for secrets python3 {baseDir}/scripts/main.py scan # Generate report python3 {baseDir}/scripts/main.py report --format md # Check token status python3 {baseDir}/scripts/main.py token status # Access control python3 {baseDir}/scripts/main.py access list # Security hardening python3 {baseDir}/scripts/main.py harden --fix # Quick status check python3 {baseDir}/scripts/main.py status

Options

--format, -f <format> Output format: json, md, table (default: table) --lang, -l <lang> Language: en, zh (default: auto-detect) --quiet, -q Quiet mode, only output results --verbose, -v Verbose output --output, -o <file> Output file path --deep Deep scan mode --fix Auto-fix issues where possible

Openclaw Security Toolkit

OpenClaw Security Guard

Features

Requirements

Commands

Options

Security Checks

Examples

Output Formats

Table (default)

JSON

Markdown

Languages

License

Version

Download

Skill Info

Openclaw Security Toolkit

OpenClaw Security Guard

Features

Requirements

Commands

Options

Security Checks

Examples

Output Formats

Table (default)

JSON

Markdown

Languages

License

Version

Download

Skill Info