Config Hardener

Audit an OpenClaw installation and generate a prioritized, ready-to-apply hardening plan for AGENTS.md, gateway, sandbox, and permissions.

triggers:config hardensecurity auditAGENTS.mdgateway settingssandbox

GitHub SKILL.md

What it does

Config Hardener audits an OpenClaw project for common security misconfigurations and produces clear, prioritized hardening recommendations plus ready-to-use config templates (e.g. AGENTS.md and .openclaw settings). It inspects AGENTS.md, gateway settings, sandbox and permission policies and outputs findings with remediation steps and diffs you can review.

When to use it

Run this skill before enabling broad or untrusted skill usage on a host, when onboarding new repositories, or after upgrading OpenClaw. Use it to generate templates when AGENTS.md is missing or to verify gateway and sandbox settings after deployment.

What's included

Scripts: none bundled (has_scripts=false)
References: none bundled (has_references=false)
Instructions: step-by-step checklist for auditing AGENTS.md, gateway settings, skill permission policies, and sandbox configuration; plus a generated AGENTS.md template and example .openclaw settings and an output format for a security audit report.

Compatible agents

Works with CLI-driven agent environments and LLM-based execution layers (Codex/Claude/GPT-like toolchains) that can read repository files and present diffs. It is repository-agnostic and intended for OpenClaw deployments and operator workflows.

Not yet audited

This skill has not been reviewed by our automated audit pipeline yet.

Information

Repository: openclaw-skills-security
Stars: 62
Installs: 0

Related Skills

TradeOS

Natural-language driven CEX trading and portfolio management for agents: API key vaulting, multi-exchange orders, DCA, arbitrage scanning, alerts and security r

Spring Boot Migration

Guided, phased migration for existing Spring Boot apps to Boot 4 / Java 25 (including Modulith 2 and Testcontainers 2), with scanners and reference guides.

Java 25 & Spring Boot 4 Code Reviewer

Run focused, evidence-based code reviews for Java 25 and Spring Boot 4 projects — migration risks, architecture boundaries, null-safety (JSpecify), security, an

ArcKit — French Public Procurement (fr-marche-public)

Generates French public procurement (Dossier de Consultation des Entreprises) drafts aligned with the Code de la Commande Publique, UGAP frameworks, and DINUM d

ArcKit Architecture Conformance

Run a systematic architecture conformance assessment that compares ADRs and principles against HLD/DLD artifacts to surface drift, violations, and technical deb

Speak Security Basics

Security best practices for integrating Speak: API key management, audio data privacy, student data protection, and COPPA/FERPA compliance for production deploy

Replit — Advanced Troubleshooting

Step-by-step diagnostics and debugging techniques for deep Replit issues: Nix build failures, container crash loops, memory leaks, and platform vs app isolation

Vercel Common Errors

Diagnose and fix common Vercel build, serverless runtime, and edge/routing errors with step-by-step checks and fixes.

Back to Skills

Config Hardener

from openclaw-skills-security62

Audit an OpenClaw installation and generate a prioritized, ready-to-apply hardening plan for AGENTS.md, gateway, sandbox, and permissions.

triggers:config hardensecurity auditAGENTS.mdgateway settingssandbox

GitHub SKILL.md

What it does

When to use it

What's included

Scripts: none bundled (has_scripts=false)
References: none bundled (has_references=false)
Instructions: step-by-step checklist for auditing AGENTS.md, gateway settings, skill permission policies, and sandbox configuration; plus a generated AGENTS.md template and example .openclaw settings and an output format for a security audit report.

Compatible agents

Not yet audited

This skill has not been reviewed by our automated audit pipeline yet.

Information

Repository: openclaw-skills-security
Stars: 62
Installs: 0

Related Skills

TradeOS

Natural-language driven CEX trading and portfolio management for agents: API key vaulting, multi-exchange orders, DCA, arbitrage scanning, alerts and security r

Spring Boot Migration

Guided, phased migration for existing Spring Boot apps to Boot 4 / Java 25 (including Modulith 2 and Testcontainers 2), with scanners and reference guides.

Java 25 & Spring Boot 4 Code Reviewer

Run focused, evidence-based code reviews for Java 25 and Spring Boot 4 projects — migration risks, architecture boundaries, null-safety (JSpecify), security, an

ArcKit — French Public Procurement (fr-marche-public)

Generates French public procurement (Dossier de Consultation des Entreprises) drafts aligned with the Code de la Commande Publique, UGAP frameworks, and DINUM d

ArcKit Architecture Conformance

Run a systematic architecture conformance assessment that compares ADRs and principles against HLD/DLD artifacts to surface drift, violations, and technical deb

Speak Security Basics

Security best practices for integrating Speak: API key management, audio data privacy, student data protection, and COPPA/FERPA compliance for production deploy

Replit — Advanced Troubleshooting

Step-by-step diagnostics and debugging techniques for deep Replit issues: Nix build failures, container crash loops, memory leaks, and platform vs app isolation

Vercel Common Errors

Diagnose and fix common Vercel build, serverless runtime, and edge/routing errors with step-by-step checks and fixes.

Config Hardener

What it does

When to use it

What's included

Compatible agents

Tags

Not yet audited

Information

Related Skills

Config Hardener

What it does

When to use it

What's included

Compatible agents

Tags

Not yet audited

Information

Related Skills