Awesome-openclaw-skills security-audit

Comprehensive security auditing for Clawdbot deployments. Scans for exposed credentials, open ports, weak configs, and vulnerabilities. Auto-fix mode included.

install

source · Clone the upstream repo

git clone https://github.com/sundial-org/awesome-openclaw-skills

Claude Code · Install into ~/.claude/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/sundial-org/awesome-openclaw-skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/security-audit" ~/.claude/skills/sundial-org-awesome-openclaw-skills-security-audit && rm -rf "$T"

OpenClaw · Install into ~/.openclaw/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/sundial-org/awesome-openclaw-skills "$T" && mkdir -p ~/.openclaw/skills && cp -r "$T/skills/security-audit" ~/.openclaw/skills/sundial-org-awesome-openclaw-skills-security-audit && rm -rf "$T"

manifest: skills/security-audit/SKILL.md

source content

Security Audit Skill

When to use

Run a security audit to identify vulnerabilities in your Clawdbot setup before deployment or on a schedule. Use auto-fix to remediate common issues automatically.

Setup

No external dependencies required. Uses native system tools where available.

How to

Quick audit (common issues)

node skills/security-audit/scripts/audit.cjs

Full audit (comprehensive scan)

node skills/security-audit/scripts/audit.cjs --full

Auto-fix common issues

node skills/security-audit/scripts/audit.cjs --fix

Audit specific areas

node skills/security-audit/scripts/audit.cjs --credentials      # Check for exposed API keys
node skills/security-audit/scripts/audit.cjs --ports            # Scan for open ports
node skills/security-audit/scripts/audit.cjs --configs          # Validate configuration
node skills/security-audit/scripts/audit.cjs --permissions      # Check file permissions
node skills/security-audit/scripts/audit.cjs --docker           # Docker security checks

Generate report

node skills/security-audit/scripts/audit.cjs --full --json > audit-report.json

Output

The audit produces a report with:

Level	Description
🔴 CRITICAL	Immediate action required (exposed credentials)
🟠 HIGH	Significant risk, fix soon
🟡 MEDIUM	Moderate concern
🟢 INFO	FYI, no action needed

Checks Performed

Credentials

API keys in environment files
Tokens in command history
Hardcoded secrets in code
Weak password patterns

Ports

Unexpected open ports
Services exposed to internet
Missing firewall rules

Configs

Missing rate limiting
Disabled authentication
Default credentials
Open CORS policies

Files

World-readable files
Executable by anyone
Sensitive files in public dirs

Docker

Privileged containers
Missing resource limits
Root user in container

Auto-Fix

The

--fix

option automatically:

Sets restrictive file permissions (600 on .env)
Secures sensitive configuration files
Creates .gitignore if missing
Enables basic security headers

Related skills

```
security-monitor
```
- Real-time monitoring (available separately)