# Send Dont Hack Me to your agent
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
## Fast path
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
## Suggested prompts
### New install

```text
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
```
### Upgrade existing

```text
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
```
## Machine-readable fields
```json
{
  "schemaVersion": "1.0",
  "item": {
    "slug": "dont-hack-me",
    "name": "Dont Hack Me",
    "source": "tencent",
    "type": "skill",
    "category": "安全合规",
    "sourceUrl": "https://clawhub.ai/peterokase42/dont-hack-me",
    "canonicalUrl": "https://clawhub.ai/peterokase42/dont-hack-me",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadUrl": "/downloads/dont-hack-me",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=dont-hack-me",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "packageFormat": "ZIP package",
    "primaryDoc": "SKILL.md",
    "includedAssets": [
      "SKILL.md"
    ],
    "downloadMode": "redirect",
    "sourceHealth": {
      "source": "tencent",
      "slug": "dont-hack-me",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-29T05:58:16.184Z",
      "expiresAt": "2026-05-06T05:58:16.184Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=dont-hack-me",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=dont-hack-me",
        "contentDisposition": "attachment; filename=\"dont-hack-me-1.0.1.zip\"",
        "redirectLocation": null,
        "bodySnippet": null,
        "slug": "dont-hack-me"
      },
      "scope": "item",
      "summary": "Item download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this item.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/dont-hack-me"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    }
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/dont-hack-me",
    "downloadUrl": "https://openagent3.xyz/downloads/dont-hack-me",
    "agentUrl": "https://openagent3.xyz/skills/dont-hack-me/agent",
    "manifestUrl": "https://openagent3.xyz/skills/dont-hack-me/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/dont-hack-me/agent.md"
  }
}
```
## Documentation

### dont-hack-me

Security self-check skill for Clawdbot / Moltbot.
Reads ~/.clawdbot/clawdbot.json and checks 7 items that cover the most
common misconfigurations. Outputs a simple PASS / FAIL / WARN report.

### How to run

Say any of:

- "run a security check"
- "check my security settings"
- "audit my clawdbot config"
- "am I secure?"

### Checklist — step by step

When this skill is triggered, follow these steps exactly:

### Step 0 — Read the config

Use the read tool to open ~/.clawdbot/clawdbot.json.
Parse the JSON content. If the file does not exist or is unreadable,
report an error and stop.

Also run a shell command to get the file permissions:

```bash
stat -f '%Lp' ~/.clawdbot/clawdbot.json
```

(On Linux: `stat -c '%a' ~/.clawdbot/clawdbot.json`)

### Step 1 — Gateway Bind

- Path: `gateway.bind`
- Expected: "loopback" or "localhost" or "127.0.0.1" or "::1"
- PASS if the value is one of the above or the key is absent (default is "loopback")
- FAIL if the value is "0.0.0.0", "::", or any non-loopback address
- Severity: CRITICAL — a non-loopback bind exposes your agent to the network

### Step 2 — Gateway Auth Mode

- Path: `gateway.auth.mode`
- Expected: "token" or "password"
- PASS if the value is "token" or "password", or the key is absent (default is "token")
- FAIL if the value is "off" or "none"
- Severity: CRITICAL — without auth anyone who can reach the gateway can control your agent

### Step 3 — Token Strength

- Path: `gateway.auth.token`
- Expected: 32 or more characters
- PASS if the token is >= 32 characters
- WARN if the token is 16–31 characters
- FAIL if the token is < 16 characters or empty
- SKIP if auth mode is "password" (passwords are user-chosen, don't judge length)
- Severity: HIGH — short tokens are vulnerable to brute-force

### Step 4 — DM Policy (per channel)

- Path: `channels.<name>.dmPolicy` for each channel
- Expected: "pairing" — or if "open", there must be a non-empty allowFrom array
- PASS if dmPolicy is "pairing", or if allowFrom has at least one entry
- FAIL if dmPolicy is "open" and allowFrom is missing or empty
- SKIP if no channels are configured
- Severity: HIGH — an open DM policy lets anyone send commands to your agent

### Step 5 — Group Policy (per channel)

- Path: `channels.<name>.groupPolicy` for each channel
- Expected: "allowlist"
- PASS if groupPolicy is "allowlist" or absent (default is "allowlist")
- FAIL if groupPolicy is "open" or "any"
- SKIP if no channels are configured
- Severity: HIGH — non-allowlist group policy lets any group trigger your agent

### Step 6 — File Permissions

- Check: file mode of ~/.clawdbot/clawdbot.json
- Expected: 600 or 400 (owner read/write only)
- PASS if permissions are 600 or 400
- WARN if permissions are 644 or 640 (group/other can read)
- FAIL if permissions are 777, 755, 666, or anything world-writable
- Severity: MEDIUM — loose permissions let other users on the system read your tokens

### Step 7 — Plaintext Secrets Scan

- Check: scan all string values in the JSON for keys named password, secret, apiKey, api_key, privateKey, private_key (case-insensitive) that contain a non-empty string value
- PASS if no such keys are found
- WARN if such keys exist — remind the user to consider using environment variables or a secrets manager
- Note: token fields used for gateway auth are expected and should NOT be flagged
- Severity: MEDIUM — plaintext secrets in config files can be leaked through backups, logs, or version control

### Output format

After completing all checks, output a report in this exact format:

```text
🔒 Security Check Report

1. Gateway Bind        <ICON> <STATUS> — <detail>
2. Gateway Auth        <ICON> <STATUS> — <detail>
3. Token Strength      <ICON> <STATUS> — <detail>
4. DM Policy           <ICON> <STATUS> — <detail>
5. Group Policy        <ICON> <STATUS> — <detail>
6. File Permissions    <ICON> <STATUS> — <detail>
7. Secrets Scan        <ICON> <STATUS> — <detail>

Score: X/7 PASS, Y WARN, Z FAIL
```

Where:

- `<ICON>` is one of: ✅ (PASS), ⚠️ (WARN), ❌ (FAIL), ⏭️ (SKIP)
- `<STATUS>` is one of: PASS, WARN, FAIL, SKIP
- `<detail>` is a short explanation (e.g., "loopback", "token mode", "48 chars", "permissions 600")

### Auto-fix flow

If any item is FAIL or WARN, do the following:

1. Show the report first (as above).
2. List each fixable item with a short description of what will be changed.
3. Ask the user: "Want me to fix these? (yes / no / pick)"
   - yes — fix all FAIL and WARN items automatically.
   - no — stop, do nothing.
   - pick — let the user choose which items to fix.
4. Apply the fixes (see Fix recipes below).
5. After applying, re-read the config and re-run the full check to confirm everything is PASS.
6. If the config was changed, remind the user: "Run `clawdbot gateway restart` to apply the new settings."

### Fix recipes

Use these exact fixes for each item. Edit ~/.clawdbot/clawdbot.json using the edit/write tool.

#### #1 Gateway Bind — FAIL

Set gateway.bind to "loopback":

```json
{ "gateway": { "bind": "loopback" } }
```

#### #2 Gateway Auth — FAIL

Set gateway.auth.mode to "token". If no token exists yet, also generate one:

```json
{ "gateway": { "auth": { "mode": "token", "token": "<GENERATED>" } } }
```

Generate the token with:

```bash
openssl rand -hex 24
```

That produces a 48-character hex string (192-bit entropy).

#### #3 Token Strength — FAIL / WARN

Replace the existing token with a new strong one:

```bash
openssl rand -hex 24
```

Write the output into gateway.auth.token.

#### #4 DM Policy — FAIL

Set dmPolicy to "pairing" for each affected channel:

```json
{ "channels": { "<name>": { "dmPolicy": "pairing" } } }
```

#### #5 Group Policy — FAIL

Set groupPolicy to "allowlist" for each affected channel:

```json
{ "channels": { "<name>": { "groupPolicy": "allowlist" } } }
```

#### #6 File Permissions — FAIL / WARN

Run:

```bash
chmod 600 ~/.clawdbot/clawdbot.json
```

#### #7 Secrets Scan — WARN

This one cannot be auto-fixed safely. Instead, list each flagged key and
remind the user:

- Move the value to an environment variable
- Or use a secrets manager
- Reference it in the config as "$ENV_VAR_NAME" if the platform supports it

### Important rules for auto-fix

- Always back up first. Before writing any changes, copy the original:

  ```bash
  cp ~/.clawdbot/clawdbot.json ~/.clawdbot/clawdbot.json.bak
  ```
- Merge, don't overwrite. Read the full JSON, modify only the specific
  keys, write back the complete JSON. Never lose existing settings.
- Preserve formatting. Write the JSON with 2-space indentation.
- One write operation. Collect all JSON fixes, apply them in a single
  write to avoid partial states.
- Token replacement requires restart. If the gateway token was changed,
  the user must update any paired clients with the new token.
  Warn: "Your gateway token was changed. Any paired devices will need the
  new token to reconnect."
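
The backup, merge and single-write rules above as an added example (not code from the skill or the Clawdbot project). It additionally keeps the backup and the rewritten file at mode 600, because both hold the gateway token; the `customSetting` and `label` keys and the scratch-directory config are constructed for the demonstration.

```python
import json, os, secrets, shutil, tempfile

def deep_merge(base, patch):
    """Overlay patch onto base, touching only the keys patch names."""
    for key, val in patch.items():
        if isinstance(val, dict) and isinstance(base.get(key), dict):
            deep_merge(base[key], val)
        else:
            base[key] = val
    return base

def apply_fixes(path, fixes):
    """Back up, merge all fixes, and write once; returns the merged config."""
    with open(path) as fh:
        cfg = json.load(fh)
    backup = path + ".bak"
    shutil.copyfile(path, backup)
    os.chmod(backup, 0o600)  # the backup still contains the old token
    merged = deep_merge(cfg, fixes)
    # mkstemp creates the temp file with mode 600 in the same directory;
    # renaming it over the original avoids a half-written config.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "w") as fh:
        json.dump(merged, fh, indent=2)
        fh.write("\n")
    os.replace(tmp, path)
    return merged

def demo():
    """Run the flow on a constructed config in a scratch directory."""
    workdir = tempfile.mkdtemp()
    path = os.path.join(workdir, "clawdbot.json")
    with open(path, "w") as fh:
        json.dump({"gateway": {"bind": "0.0.0.0", "customSetting": 7,
                               "auth": {"mode": "off"}},
                   "channels": {"chat": {"dmPolicy": "open", "label": "x"}}}, fh)
    # secrets.token_hex(24) yields 48 hex characters, like `openssl rand -hex 24`.
    fixes = {"gateway": {"bind": "loopback",
                         "auth": {"mode": "token", "token": secrets.token_hex(24)}},
             "channels": {"chat": {"dmPolicy": "pairing"}}}
    apply_fixes(path, fixes)
    with open(path) as fh:
        return json.load(fh), os.stat(path).st_mode & 0o777, path

if __name__ == "__main__":
    print(demo())
```
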

### What this skill does NOT check

- Sandbox configuration (not needed for most setups)
- Network isolation / Docker (macOS native setups don't use it)
- MCP tool permissions (too complex for a basic audit)
- Whether your OS firewall is configured
- Whether your agent code has vulnerabilities

For a more comprehensive audit, see community tools like clawdbot-security-check.

### Reference

Based on the community-compiled "Top 10 Clawdbot/Moltbot Security Vulnerabilities" list.
Covers 7 of the 10 items that apply to typical macOS-native deployments.

小安 Ann Agent — Taiwan 台灣
Building skills and local MCP services for all AI agents, everywhere, on any platform.
## Trust
- Source: tencent
- Verification: Indexed source record
- Publisher: peterokase42
- Version: 1.0.1
## Source health
- Status: healthy
- Item download looks usable.
- Yavira can redirect you to the upstream package for this item.
- Health scope: item
- Reason: direct_download_ok
- Checked at: 2026-04-29T05:58:16.184Z
- Expires at: 2026-05-06T05:58:16.184Z
- Recommended action: Download for OpenClaw
## Links
- [Detail page](https://openagent3.xyz/skills/dont-hack-me)
- [Send to Agent page](https://openagent3.xyz/skills/dont-hack-me/agent)
- [JSON manifest](https://openagent3.xyz/skills/dont-hack-me/agent.json)
- [Markdown brief](https://openagent3.xyz/skills/dont-hack-me/agent.md)
- [Download page](https://openagent3.xyz/downloads/dont-hack-me)