{ "schemaVersion": "1.0", "item": { "slug": "opena2a-security", "name": "OpenA2A Security", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/abdelsfane/opena2a-security", "canonicalUrl": "https://clawhub.ai/abdelsfane/opena2a-security", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/opena2a-security", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=opena2a-security", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/opena2a-security" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/opena2a-security", "agentPageUrl": "https://openagent3.xyz/skills/opena2a-security/agent", "manifestUrl": "https://openagent3.xyz/skills/opena2a-security/agent.json", "briefUrl": "https://openagent3.xyz/skills/opena2a-security/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "OpenA2A Security for OpenClaw", "body": "Security auditing and hardening for OpenClaw installations. Scan your configuration, detect known vulnerabilities, audit installed skills for malicious code, and get specific remediation steps.\n\nThis skill runs entirely locally. No data leaves your machine. No API keys required." }, { "title": "Quick Security Check", "body": "Ask for a fast overview of your security posture:\n\n\"Run a security audit on my OpenClaw setup\"\n\n\"Is my OpenClaw configuration secure?\"\n\n\"Check my OpenClaw for known vulnerabilities\"" }, { "title": "CVE-2026-25253 Detection", "body": "Check if your OpenClaw instance is vulnerable to the WebSocket hijack RCE (CVSS 8.8):\n\n\"Am I vulnerable to CVE-2026-25253?\"\n\n\"Check for the OpenClaw WebSocket vulnerability\"" }, { "title": "Skill Scanning", "body": "Scan installed skills for malicious code patterns (command injection, data exfiltration, obfuscated payloads, crypto mining):\n\n\"Scan my installed skills for malware\"\n\n\"Is the weather-bot skill safe?\"\n\n\"Check all my skills for security issues\"" }, { "title": "Credential Audit", "body": "Check for exposed credentials, weak file permissions, and plaintext storage:\n\n\"Are my API keys and tokens stored securely?\"\n\n\"Check my credential file permissions\"" }, { "title": "Configuration Hardening", "body": "Get specific recommendations for hardening your OpenClaw config:\n\n\"How do I harden my OpenClaw configuration?\"\n\n\"What security settings should I change?\"" }, { "title": "How It Works", "body": "This skill uses HackMyAgent, an open-source security scanner with 47 OpenClaw-specific checks across these categories:" }, { "title": "Skill Security (6 checks)", "body": "CheckWhat It DetectsSKILL-001Command injection via shell executionSKILL-002Dynamic code execution (eval, Function, vm)SKILL-003Data exfiltration to external endpointsSKILL-004Obfuscated code (base64, hex, charcode)SKILL-005Crypto mining indicatorsSKILL-006Path traversal outside skill directory" }, { "title": "Credential Security (4 checks)", "body": "CheckWhat It DetectsCRED-001Credentials exposed via gateway APICRED-002Credential files with world-readable permissionsCRED-003Plaintext credential storage without encryptionCRED-004Timing side-channel in authentication" }, { "title": "Gateway Security (4 checks)", "body": "CheckWhat It DetectsGW-001Missing rate limiting on endpointsGW-002SSRF-vulnerable URL fetch handlersGW-003Missing or incomplete security headersGW-004CVE-2026-25253 WebSocket hijack vulnerability" }, { "title": "Supply Chain (4 checks)", "body": "CheckWhat It DetectsSC-001npm install without --ignore-scriptsSC-002Unpinned or pre-release dependenciesSC-003Missing skill signing or hash verificationSC-004Known ClawHavoc malicious skill patterns" }, { "title": "Running Scans", "body": "When asked to perform a scan, run the following commands:" }, { "title": "Full Security Audit", "body": "npx hackmyagent secure ~/.openclaw" }, { "title": "Scan a Specific Skill", "body": "npx hackmyagent scan --skill " }, { "title": "CVE Detection Only", "body": "npx hackmyagent scan --cve ~/.openclaw" }, { "title": "Configuration Audit", "body": "npx hackmyagent audit ~/.openclaw/config.json5" }, { "title": "Generate Security Report", "body": "npx hackmyagent secure ~/.openclaw --format html --output security-report.html\n\nOutput formats: text, json, sarif, html, asp" }, { "title": "Security Recommendations", "body": "When providing recommendations, reference these priority levels:" }, { "title": "Do Immediately", "body": "Update OpenClaw to the latest version (patches CVE-2026-25253, credential redaction, timing-safe auth, lifecycle script blocking)\nRun npx hackmyagent secure to identify your current exposure\nReview installed skills — remove any you do not actively use\nCheck file permissions — credential files should be 0600, not world-readable" }, { "title": "Configuration Changes", "body": "Recommend these config.json5 changes when relevant:\n\nSet gateway.auth to a strong token (32+ characters, randomly generated)\nSet gateway.host to 127.0.0.1 (loopback only) unless remote access is required\nDisable unused channel integrations\nSet plugins.allowUnsafe to false\nEnable Docker sandbox mode when available" }, { "title": "For Skill Publishers", "body": "Do not hardcode API keys in skill code — use environment variables\nDeclare minimum required permissions in SKILL.md frontmatter\nDo not use eval(), Function(), or child_process.exec() with user input\nDo not fetch external URLs at install time" }, { "title": "Interpreting Results", "body": "When presenting scan results to the user:\n\nCRITICAL findings require immediate action — explain the specific risk and provide the fix command\nHIGH findings should be addressed before deploying to production\nMEDIUM findings are defense-in-depth improvements\nLOW findings are best-practice recommendations\n\nAlways explain findings in plain language. Not every user is a security expert. State what the risk is, who could exploit it, and exactly how to fix it." }, { "title": "Background", "body": "This skill is built by OpenA2A (opena2a.org), the team behind 6 merged security patches in OpenClaw main:\n\nPRFix#9806Skill code safety scanner (19 detection rules, +1,721 lines)#9858Credential redaction for gateway WebSocket responses#10525Path traversal fix in A2UI file serving#10527Timing-safe comparison for hook token auth#10528Blocked npm lifecycle scripts during plugin install#10529File permission enforcement on WhatsApp credentials\n\nScanner: https://www.npmjs.com/package/hackmyagent\nSource: https://github.com/opena2a-org/hackmyagent\nThreat model: https://github.com/openclaw/trust/pull/7" } ], "body": "OpenA2A Security for OpenClaw\n\nSecurity auditing and hardening for OpenClaw installations. Scan your configuration, detect known vulnerabilities, audit installed skills for malicious code, and get specific remediation steps.\n\nThis skill runs entirely locally. No data leaves your machine. No API keys required.\n\nWhat You Can Ask\nQuick Security Check\n\nAsk for a fast overview of your security posture:\n\n\"Run a security audit on my OpenClaw setup\"\n\n\"Is my OpenClaw configuration secure?\"\n\n\"Check my OpenClaw for known vulnerabilities\"\n\nCVE-2026-25253 Detection\n\nCheck if your OpenClaw instance is vulnerable to the WebSocket hijack RCE (CVSS 8.8):\n\n\"Am I vulnerable to CVE-2026-25253?\"\n\n\"Check for the OpenClaw WebSocket vulnerability\"\n\nSkill Scanning\n\nScan installed skills for malicious code patterns (command injection, data exfiltration, obfuscated payloads, crypto mining):\n\n\"Scan my installed skills for malware\"\n\n\"Is the weather-bot skill safe?\"\n\n\"Check all my skills for security issues\"\n\nCredential Audit\n\nCheck for exposed credentials, weak file permissions, and plaintext storage:\n\n\"Are my API keys and tokens stored securely?\"\n\n\"Check my credential file permissions\"\n\nConfiguration Hardening\n\nGet specific recommendations for hardening your OpenClaw config:\n\n\"How do I harden my OpenClaw configuration?\"\n\n\"What security settings should I change?\"\n\nHow It Works\n\nThis skill uses HackMyAgent, an open-source security scanner with 47 OpenClaw-specific checks across these categories:\n\nSkill Security (6 checks)\nCheck\tWhat It Detects\nSKILL-001\tCommand injection via shell execution\nSKILL-002\tDynamic code execution (eval, Function, vm)\nSKILL-003\tData exfiltration to external endpoints\nSKILL-004\tObfuscated code (base64, hex, charcode)\nSKILL-005\tCrypto mining indicators\nSKILL-006\tPath traversal outside skill directory\nCredential Security (4 checks)\nCheck\tWhat It Detects\nCRED-001\tCredentials exposed via gateway API\nCRED-002\tCredential files with world-readable permissions\nCRED-003\tPlaintext credential storage without encryption\nCRED-004\tTiming side-channel in authentication\nGateway Security (4 checks)\nCheck\tWhat It Detects\nGW-001\tMissing rate limiting on endpoints\nGW-002\tSSRF-vulnerable URL fetch handlers\nGW-003\tMissing or incomplete security headers\nGW-004\tCVE-2026-25253 WebSocket hijack vulnerability\nSupply Chain (4 checks)\nCheck\tWhat It Detects\nSC-001\tnpm install without --ignore-scripts\nSC-002\tUnpinned or pre-release dependencies\nSC-003\tMissing skill signing or hash verification\nSC-004\tKnown ClawHavoc malicious skill patterns\nRunning Scans\n\nWhen asked to perform a scan, run the following commands:\n\nFull Security Audit\nnpx hackmyagent secure ~/.openclaw\n\nScan a Specific Skill\nnpx hackmyagent scan --skill \n\nCVE Detection Only\nnpx hackmyagent scan --cve ~/.openclaw\n\nConfiguration Audit\nnpx hackmyagent audit ~/.openclaw/config.json5\n\nGenerate Security Report\nnpx hackmyagent secure ~/.openclaw --format html --output security-report.html\n\n\nOutput formats: text, json, sarif, html, asp\n\nSecurity Recommendations\n\nWhen providing recommendations, reference these priority levels:\n\nDo Immediately\nUpdate OpenClaw to the latest version (patches CVE-2026-25253, credential redaction, timing-safe auth, lifecycle script blocking)\nRun npx hackmyagent secure to identify your current exposure\nReview installed skills — remove any you do not actively use\nCheck file permissions — credential files should be 0600, not world-readable\nConfiguration Changes\n\nRecommend these config.json5 changes when relevant:\n\nSet gateway.auth to a strong token (32+ characters, randomly generated)\nSet gateway.host to 127.0.0.1 (loopback only) unless remote access is required\nDisable unused channel integrations\nSet plugins.allowUnsafe to false\nEnable Docker sandbox mode when available\nFor Skill Publishers\nDo not hardcode API keys in skill code — use environment variables\nDeclare minimum required permissions in SKILL.md frontmatter\nDo not use eval(), Function(), or child_process.exec() with user input\nDo not fetch external URLs at install time\nInterpreting Results\n\nWhen presenting scan results to the user:\n\nCRITICAL findings require immediate action — explain the specific risk and provide the fix command\nHIGH findings should be addressed before deploying to production\nMEDIUM findings are defense-in-depth improvements\nLOW findings are best-practice recommendations\n\nAlways explain findings in plain language. Not every user is a security expert. State what the risk is, who could exploit it, and exactly how to fix it.\n\nBackground\n\nThis skill is built by OpenA2A (opena2a.org), the team behind 6 merged security patches in OpenClaw main:\n\nPR\tFix\n#9806\tSkill code safety scanner (19 detection rules, +1,721 lines)\n#9858\tCredential redaction for gateway WebSocket responses\n#10525\tPath traversal fix in A2UI file serving\n#10527\tTiming-safe comparison for hook token auth\n#10528\tBlocked npm lifecycle scripts during plugin install\n#10529\tFile permission enforcement on WhatsApp credentials\n\nScanner: https://www.npmjs.com/package/hackmyagent Source: https://github.com/opena2a-org/hackmyagent Threat model: https://github.com/openclaw/trust/pull/7" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/abdelsfane/opena2a-security", "publisherUrl": "https://clawhub.ai/abdelsfane/opena2a-security", "owner": "abdelsfane", "version": "1.0.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/opena2a-security", "downloadUrl": "https://openagent3.xyz/downloads/opena2a-security", "agentUrl": "https://openagent3.xyz/skills/opena2a-security/agent", "manifestUrl": "https://openagent3.xyz/skills/opena2a-security/agent.json", "briefUrl": "https://openagent3.xyz/skills/opena2a-security/agent.md" } }