--- name: "openclaw-security-guard" description: "Security guard for OpenClaw users. Audit configs, scan secrets, manage access, and generate security reports." --- # OpenClaw Security Guard A comprehensive security tool for OpenClaw users to protect their AI assistant. ## Features - πŸ” **Security Audit** - Comprehensive security configuration check - πŸ” **Secret Scanner** - Detect exposed API keys and tokens - πŸ‘₯ **Access Control** - Manage devices, users, and permissions - πŸ”‘ **Token Manager** - Rotate and validate tokens - πŸ“Š **Security Report** - Generate detailed security reports - πŸ›‘οΈ **Hardening** - Apply security best practices ## Requirements - Python 3.6+ - No external dependencies (uses stdlib) ## Commands ```bash # Run security audit python3 {baseDir}/scripts/main.py audit # Scan for secrets python3 {baseDir}/scripts/main.py scan # Generate report python3 {baseDir}/scripts/main.py report --format md # Check token status python3 {baseDir}/scripts/main.py token status # Access control python3 {baseDir}/scripts/main.py access list # Security hardening python3 {baseDir}/scripts/main.py harden --fix # Quick status check python3 {baseDir}/scripts/main.py status ``` ## Options ``` --format, -f Output format: json, md, table (default: table) --lang, -l Language: en, zh (default: auto-detect) --quiet, -q Quiet mode, only output results --verbose, -v Verbose output --output, -o Output file path --deep Deep scan mode --fix Auto-fix issues where possible ``` ## Security Checks | Category | Checks | |----------|--------| | Config | Gateway bind, auth mode, token strength | | Secrets | API keys, tokens, passwords, private keys | | Access | Devices, users, channels, sessions | | Network | Public exposure, open ports | ## Examples ```bash # Full audit with auto-fix python3 {baseDir}/scripts/main.py audit --deep --fix # Generate markdown report python3 {baseDir}/scripts/main.py report --format md -o security.md # Scan for specific pattern python3 {baseDir}/scripts/main.py scan --pattern "sk-" # List all paired devices python3 {baseDir}/scripts/main.py access devices # Generate JSON report python3 {baseDir}/scripts/main.py report --format json ``` ## Output Formats ### Table (default) ``` πŸ” OpenClaw Security Guard v1.0.0 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ πŸ“Š Security Score: 72/100 ⚠️ πŸ”΄ HIGH RISK β€’ API Key exposed in config file Location: ~/.openclaw/openclaw.json:15 ``` ### JSON ```json { "score": 72, "findings": [...] } ``` ### Markdown ```markdown # Security Report **Score**: 72/100 ``` ## Languages - English (en) - δΈ­ζ–‡ (zh) Auto-detected based on system locale. ## License MIT ## Version v1.0.0