clawscan
Total installs: 3
Weekly installs: 3
Site-wide rank: #58386
Install command
npx skills add https://github.com/osmankidwai-bot/clawscan --skill clawscan
Installs by agent
- openclaw: 3
- github-copilot: 3
- codex: 3
- kimi-cli: 3
- gemini-cli: 3
- cursor: 3
Skill documentation
ClawScan Security
Quick Start
Run a full scan:
bash "$(dirname "$0")/scripts/scan.sh"
Usage
# Basic scan (shows failures only)
scripts/scan.sh
# Verbose (show all checks)
scripts/scan.sh --verbose
# JSON output
scripts/scan.sh --json
# Custom OpenClaw path
scripts/scan.sh --path /custom/openclaw/dir
# Formatted report
scripts/scan.sh --json | scripts/report.sh
What It Checks
Config Security (40 pts)
- Config file exists and is valid JSON
- No hardcoded API keys/tokens
- Gateway auth configured
- Gateway bind address secure
- HTTPS/TLS for remote access
- Model allowlist configured
- Exec security policy
File Exposure (25 pts)
- No passwords in MEMORY.md
- No .env files with secrets
- No private keys in workspace
- Workspace permissions secure
Skill Security (20 pts)
- Skills from known sources
- No exec override to ‘full’
- No unjustified elevated permissions
- Skills directory permissions
Network Security (15 pts)
- Gateway not publicly exposed without auth
- Webhooks use HTTPS
- Browser cookies secured
OpenClaw-Specific (35 pts) - NEW
- Gateway auth token strength
- Config file not world-readable
- Model allowlist not wildcard
- Cron job security (elevated flags, dangerous commands)
- Memory files not world-readable
- OpenClaw version current
- Session/workspace isolation
Tiers
- Free: All checks above. A-F grading. Text + JSON output.
- Pro ($19/mo): Advanced OS checks, trend tracking, severity scoring. Coming soon.
- Managed ($49/mo): Continuous monitoring, auto-remediation, alerting. Coming soon.
Check Documentation
- OS checks: references/checks-os.md
- OpenClaw checks: references/checks-openclaw.md