Secucheck

secucheck - OpenClaw Security Audit

Comprehensive security audit skill for OpenClaw deployments. Analyzes configuration, permissions, exposure risks, and runtime environment with context-aware recommendations.

Summary

secucheck performs read-only security audits of your OpenClaw setup: 7 audit domains: Runtime, Channels, Agents, Cron Jobs, Skills, Sessions, Network 3 expertise levels: Beginner (analogies), Intermediate (technical), Expert (attack vectors) Context-aware: Considers VPN, single-user, self-hosted scenarios Runtime checks: Live system state (network exposure, containers, privileges) Dashboard: Visual HTML report with security score Localized output: Final report matches user's language Never modifies configuration automatically. All fixes require explicit user confirmation.

Installation

clawhub install secucheck

Usage

Ask your OpenClaw agent: "security audit" "secucheck" "run security check"

Expertise Levels

When prompted, choose your level: Beginner - Simple analogies, no jargon Intermediate - Technical details, config examples Expert - Attack vectors, edge cases, CVEs All levels run the same checks—only explanation depth varies.

Dashboard

"show dashboard" / "visual report" Opens an HTML report in your browser.

Example Output

🔒 Security Audit Results 🟡 Needs Attention | Severity | Count | |----------|-------| | 🔴 Critical | 0 | | 🟠 High | 0 | | 🟡 Medium | 2 | | 🟢 Low | 3 | ### 🟡 Agent "molty": exec + external content processing ...

Features

🔍 Comprehensive: Channels, agents, cron, skills, sessions, network, runtime 👤 3 Expertise Levels: Beginner / Intermediate / Expert 🌏 Localized: Final report in user's language 🎯 Attack Scenarios: Real-world exploitation paths ⚡ Runtime Checks: VPN, containers, privileges, network exposure 🎨 Dashboard: Visual HTML report with security score

Agent Instructions

Everything below is for the agent executing this skill.

When to Use

Trigger this skill when: User requests security checkup/audit Auto-trigger: Installing skills, creating/modifying agents, adding/modifying cron jobs Periodic review (recommended: weekly)

Expertise Levels

LevelIdentifierStyleBeginner1, beginnerAnalogies, simple explanations, no jargonIntermediate2, intermediateTechnical details, config examplesExpert3, expertAttack vectors, edge cases, CVE references

Step 1: Ask Level (before running anything)

Present options in user's language. Example (English): What level of technical detail do you prefer? 1. 🌱 Beginner - I'll explain simply with analogies 2. 💻 Intermediate - Technical details and config examples 3. 🔐 Expert - Include attack vectors and edge cases 📌 All levels run the same checks—only explanation depth varies. STOP HERE. Wait for user response.

Step 2: Run Audit

bash ~/.openclaw/skills/secucheck/scripts/full_audit.sh Returns JSON with findings categorized by severity.

Step 3: Format Output

• Parse JSON output and format based on user's expertise level.
• Final report must be in user's language.
• Report Structure (Organize by Category)
• 🔒 Security Audit Results
• 📊 Summary Table
• | Severity | Count |
• |----------|-------|
• | 🔴 Critical | X |
• | ...
• ⚡ Runtime
• [findings related to RUNTIME category]
• 🤖 Agents
• [findings related to AGENT category]
• 📁 Workspace
• [findings related to WORKSPACE category]
• 🧩 Skills
• [findings related to SKILL category]
• 📢 Channels
• [findings related to CHANNEL category]
• 🌐 Network
• [findings related to NETWORK category]
• Group findings by their category field, not just severity.
• Within each category, show severity icon and explain.

Step 4: Auto-Open Dashboard

After text report, automatically generate and serve dashboard: bash ~/.openclaw/skills/secucheck/scripts/serve_dashboard.sh The script returns JSON with url (LAN IP) and local_url (localhost). Use the url field (not localhost) when telling the user — they may access from another device. Example: 📊 대시보드도 열었어요: http://192.168.1.200:8766/secucheck-report.html If running in environment where browser can be opened, use browser tool to open it.

Cross-Platform Support

Scripts run on Linux, macOS, and WSL. Check the JSON output for platform info: { "os": "linux", "os_variant": "ubuntu", "in_wsl": false, "in_dsm": false, "failed_checks": ["external_ip"] }

Platform Detection

FieldValuesoslinux, macos, windows, unknownos_variantubuntu, arch, dsm, wsl, version stringin_wsltrue if Windows Subsystem for Linuxin_dsmtrue if Synology DSM

Handling Failed Checks

If failed_checks array is non-empty, run fallback commands based on platform: Network Info Fallbacks PlatformCommandLinuxip addr show or ifconfigmacOSifconfigWSLip addr show (or check Windows via cmd.exe /c ipconfig)WindowsPowerShell: Get-NetIPAddressDSMifconfig or /sbin/ip addr Gateway Binding Fallbacks PlatformCommandLinuxss -tlnp | grep :18789 or netstat -tlnpmacOSlsof -iTCP:18789 -sTCP:LISTENWindowsPowerShell: Get-NetTCPConnection -LocalPort 18789 File Permissions Fallbacks PlatformCommandLinux/macOSls -la ~/.openclawWindowsPowerShell: Get-Acl $env:USERPROFILE\.openclaw

Windows Native Support

If os is windows and scripts fail completely: Use PowerShell commands directly: # Network exposure Get-NetTCPConnection -LocalPort 18789 -State Listen # File permissions Get-Acl "$env:USERPROFILE\.openclaw" # Process info Get-Process | Where-Object {$_.Name -like "*openclaw*"} Report what you can check and note Windows-specific limitations.

Minimal Environments (Docker, DSM)

Some environments lack tools. Check output and supplement: Missing ToolFallbackcurlwget -qO-ssnetstatipifconfig or /sbin/ippgrepps aux | grep

Agent Decision Flow

1. Run full_audit.sh 2. Check "failed_checks" in output 3. For each failed check: a. Identify platform from os/os_variant b. Run platform-specific fallback command c. Incorporate results into report 4. Note any checks that couldn't complete

Dashboard Generation

When user requests visual report: bash ~/.openclaw/skills/secucheck/scripts/serve_dashboard.sh Returns: { "status": "ok", "url": "http://localhost:8766/secucheck-report.html", "pid": 12345 } Provide URL directly to user.

Detailed Check References

Read these only when deep explanation needed: FileDomainchecks/runtime.mdLive system statechecks/channels.mdChannel policieschecks/agents.mdAgent permissionschecks/cron.mdScheduled jobschecks/skills.mdInstalled skillschecks/sessions.mdSession isolationchecks/network.mdNetwork configuration

Attack Scenario Templates

Use these for expert-level explanations: FileScenarioscenarios/prompt-injection.mdExternal content manipulationscenarios/session-leak.mdCross-session data exposurescenarios/privilege-escalation.mdTool permission abusescenarios/credential-exposure.mdSecret leakagescenarios/unauthorized-access.mdAccess control bypass

Risk Levels

🔴 Critical - Immediate action required. Active exploitation possible. 🟠 High - Significant risk. Should fix soon. 🟡 Medium - Notable concern. Plan to address. 🟢 Low - Minor issue or best practice recommendation. ⚪ Info - Not a risk, but worth noting.

Risk Matrix

Tool Permissions Minimal Full ┌──────────┬──────────┐ Exposure │ 🟢 │ 🟡 │ Low │ Safe │ Caution │ ├──────────┼──────────┤ │ 🟡 │ 🔴 │ High │ Caution │ Critical │ └──────────┴──────────┘ Exposure = Who can talk to the bot (DM policy, group access, public channels) Tool Permissions = What the bot can do (exec, file access, messaging, browser)

Context-Aware Exceptions

Don't just pattern match. Consider context: ContextAdjustmentPrivate channel, 2-3 trusted membersLower risk even with execVPN/Tailscale only accessNetwork exposure less criticalSelf-hosted, single userSession isolation less importantContainerized environmentPrivilege escalation less severe Always ask about environment if unclear.

Applying Fixes

CRITICAL RULES: Never auto-apply fixes. Always show suggestions first. Warn about functional impact. If a fix might break something, say so. Get explicit user confirmation before any config changes. Example flow: Agent: "Changing this setting will disable exec in #dev channel. If you're using code execution there, it will stop working. Apply this fix?" User: "yes" Agent: [apply fix via gateway config.patch]

Language Rules

Internal processing: Always English Thinking/reasoning: Always English Final user-facing report: Match user's language Technical terms: Keep in English (exec, cron, gateway, etc.)

Auto-Review Triggers

Invoke automatically when: Skill installation: clawhub install <skill> or manual addition Agent creation/modification: New agent or tool changes Cron job creation/modification: New or modified scheduled tasks For auto-reviews, focus only on changed component unless full audit requested.

Quick Commands

User RequestAction"check channels only"Run channels.md check"audit cron jobs"Run cron.md check"full audit"All checks"more detail"Re-run with verbose output

Trust Hierarchy

Apply appropriate trust levels: LevelEntityTrust Model1OwnerFull trust — has all access2AI AgentTrust but verify — sandboxed, logged3AllowlistsLimited trust — specified users only4StrangersNo trust — blocked by default

Incident Response Reference

If compromise suspected:

Containment

Stop gateway process Set gateway.bind to loopback (127.0.0.1) Disable risky DM/group policies

Rotation

Regenerate gateway auth token Rotate browser control tokens Revoke and rotate API keys

Review

Check gateway logs and session transcripts Review recent config changes Re-run full security audit

Files Reference

~/.openclaw/skills/secucheck/ ├── SKILL.md # This file ├── skill.json # Package metadata ├── README.md # User documentation ├── scripts/ │ ├── full_audit.sh # Complete audit (JSON output) │ ├── runtime_check.sh # Live system checks │ ├── gather_config.sh # Config extraction (redacted) │ ├── gather_skills.sh # Skill security scan │ ├── gather_agents.sh # Agent configurations │ ├── serve_dashboard.sh # Generate + serve HTML report │ └── generate_dashboard.sh ├── dashboard/ │ └── template.html # Dashboard template ├── checks/ │ ├── runtime.md # Runtime interpretation │ ├── channels.md # Channel policy checks │ ├── agents.md # Agent permission checks │ ├── cron.md # Cron job checks │ ├── skills.md # Skill safety checks │ ├── sessions.md # Session isolation │ └── network.md # Network exposure ├── scenarios/ │ ├── prompt-injection.md │ ├── session-leak.md │ ├── privilege-escalation.md │ ├── credential-exposure.md │ └── unauthorized-access.md └── templates/ ├── report.md # Full report template ├── finding.md # Single finding template └── summary.md # Quick summary template

Security Assessment Questions

When auditing, consider: Exposure: What network interfaces can reach this agent? Authentication: What verification does each access point require? Isolation: What boundaries exist between agent and host? Trust: What content sources are considered "trusted"? Auditability: What evidence exists of agent's actions? Least Privilege: Does agent have only necessary permissions? Remember: This skill exists to make OpenClaw self-aware of its security posture. Use regularly, extend as needed, never skip the audit.