OpenClaw Security Monitor

Trust Score 85/100

from openclaw-security-monitor37

Proactive security monitoring, threat scanning and automated remediation for OpenClaw deployments.

triggers:security scanremediateiocsecurity dashboardclawhub scan

GitHub SKILL.md

What it does

Real-time security monitoring and remediation tooling for OpenClaw installations. Provides a 41-point automated security scan, local IOC checks, a read-only dashboard, network and process checks, and scripted remediation steps for common attack vectors. Includes utilities to scan installed skills and quarantine or remediate findings.

When to use it

Run this skill when you want to verify the security posture of an OpenClaw host, perform routine threat scans, check installed skills for malicious patterns, or apply scripted hardening/remediation after alerts. Useful for incident response, periodic audits, and pre-deployment checks.

What's included

Scripts: CLI wrappers for scanning, remediation, network checks, dashboard and ClawHub scans (scan.sh, remediate.sh, network-check.sh, dashboard.sh).
References: Threat intelligence sources, CVE/GHSA references and IOC files included in the repository.
Instructions: Clear command examples for running full scans, targeted remediation, dry-run previews, and Telegram alert setup. Guidance on safe defaults and explicit opt-ins for unattended remediation.

Compatible agents

Likely compatible with OpenClaw agent runtimes and CLI-driven automation environments (agents that can run shell scripts and read local files).

Audit Summary

Comprehensive 41-point security scanner for OpenClaw deployments covering CVEs, GHSAs, C2 detection, reverse shells, credential exfiltration, and more. 8 scripts provided — clawhub-scan, daily-scan-cron, network-check, and update-ioc ran cleanly; scan.sh and dashboard.sh timed out (scan is 96KB, very thorough); telegram-setup correctly requires env var; remediate ran but found nothing to fix in our clean environment. IOC database included with update mechanism. Well-documented with clear exit codes and safety guards.

Watch Out

scan.sh is very large (96KB) and may timeout in sandbox environments
Remediation (--yes) requires OPENCLAW_ALLOW_UNATTENDED_REMEDIATE=1 — without it, --yes is silently ignored
IOC updates from untrusted repos require OPENCLAW_ALLOW_UNTRUSTED_IOC_SOURCE=1
Dashboard and scan scripts may hang waiting for interactive input or network checks

Missing Dependencies

witr (optional, for process trees in dashboard)

Notes

Legitimate security monitoring tool. No malicious patterns detected. Scripts read sensitive paths (.ssh, .env, credentials) but explicitly for detection only — never transmit or exfiltrate. Remediation scripts can modify the system but require explicit opt-in flags. IOC update mechanism fetches from trusted GitHub repo with validation and trust verification. Overall well-designed security tool with appropriate safety guards.

Information

Repository: openclaw-security-monitor
Stars: 37
Installs: 0

Trust Score

Overall85

Security92

Code Quality76

Architecture82

Usefulness88

Related Skills

AWP (Agent Work Protocol)

Tooling and scripts for onboarding, staking, allocation, and managing agents on the AWP network (Base/Ethereum/Arbitrum/BSC). Includes safe, opt-in daemon and r

Reverse Engineer

Provides step-by-step guidance and best practices for binary reverse engineering: static analysis, dynamic tracing, disassembly, and documentation workflows for

Sandbox0 Integration

Guidance and templates for integrating Sandbox0 sandboxing into AI agents — CLI/SDK patterns, templates, volumes, network policy, and deployment choices.

Cost Tracker

Monitor agent session costs, set budget alerts, and get actionable token-spend optimizations to keep multi-session workflows within budget.

Unitree Robot Controller

Control and command Unitree robots (GO1/GO2/G1/H1) via OpenClaw: initialization, basic motion commands, and sensor integrations.

Canary — Post-Deploy Visual Monitor

Run a short post-deploy monitor that captures screenshots, checks console errors, and compares performance against baselines to detect regressions and page fail

CTF Write-up Generator

Generate a concise, reproducible submission-style CTF writeup with a one-path solution script, metadata, and a short checklist for fast verification.

Monitoring Stack Deployer

Deploy and configure production-ready monitoring stacks (Prometheus, Grafana, Datadog) with collectors, dashboards, and alerting rules for Kubernetes, Docker, o

Back to Skills