audit-openclaw-security

Conducts security audits for OpenClaw deployments, minimizing attack surfaces and ensuring robust permissions and secret management.

Install this skill

or

79/100

Security score

The audit-openclaw-security skill was audited on May 22, 2026 and we found 5 security issues across 1 threat category. Review the findings below before installing.

Categories Tested

Security Issues

medium line 102

Access to hidden dotfiles in home directory

SourceSKILL.md

102	If they must share the full config, remind them OpenClaw config is JSON5 (`~/.openclaw/openclaw.json`), not strict JSON, and have them use the redaction script:

low line 105

Access to hidden dotfiles in home directory

SourceSKILL.md

105	python3 scripts/redact_openclaw_config.py ~/.openclaw/openclaw.json > openclaw.json5.redacted

medium line 164

Access to hidden dotfiles in home directory

SourceSKILL.md

164	4. File permissions on `~/.openclaw` (config/state/credentials)

medium line 238

Access to hidden dotfiles in home directory

SourceSKILL.md

238	- Tight permissions on `~/.openclaw` and `~/.openclaw/openclaw.json`.

medium line 239

Access to hidden dotfiles in home directory

SourceSKILL.md

239	- Treat session transcripts as sensitive (`~/.openclaw/agents/<agentId>/sessions/*.jsonl`).

Scanned on May 22, 2026

View Security Dashboard

Installation guide →

Rate this skill

Categorydevelopment

UpdatedJune 10, 2026

openclaw backend devops devops-sre security-engineer backend-developer development

meghal86/stacksignal