Skill v1.0.1
current · LLM-judged scan: 95/100 · sundial-org/awesome-openclaw-skills/security-audit
──Details
Published: June 5, 2026 at 12:26 PM
Content Hash: sha256:7ed4a7bd3811fbf4...
Git SHA: b80cde2ef852
Bump Type: patch
──Files
Files (1 file, 2.4 KB)
SKILL.md · 2.4 KB · active
SKILL.md · 104 lines · 2.4 KB
version: "1.0.1"
name: security-audit
description: Comprehensive security auditing for Clawdbot deployments. Scans for exposed credentials, open ports, weak configs, and vulnerabilities. Auto-fix mode included.
Security Audit Skill
When to use
Run a security audit to identify vulnerabilities in your Clawdbot setup before deployment or on a schedule. Use auto-fix to remediate common issues automatically.
Setup
No external dependencies required. Uses native system tools where available.
How to
Quick audit (common issues)
bash
node skills/security-audit/scripts/audit.cjs
Full audit (comprehensive scan)
bash
node skills/security-audit/scripts/audit.cjs --full
Auto-fix common issues
bash
node skills/security-audit/scripts/audit.cjs --fix
Audit specific areas
bash
node skills/security-audit/scripts/audit.cjs --credentials  # Check for exposed API keys
node skills/security-audit/scripts/audit.cjs --ports        # Scan for open ports
node skills/security-audit/scripts/audit.cjs --configs      # Validate configuration
node skills/security-audit/scripts/audit.cjs --permissions  # Check file permissions
node skills/security-audit/scripts/audit.cjs --docker       # Docker security checks
Generate report
bash
node skills/security-audit/scripts/audit.cjs --full --json > audit-report.json
Output
The audit produces a report with:
| Level | Description |
|---|---|
| 🔴 CRITICAL | Immediate action required (exposed credentials) |
| 🟠 HIGH | Significant risk, fix soon |
| 🟡 MEDIUM | Moderate concern |
| 🟢 INFO | FYI, no action needed |
Checks Performed
Credentials
- API keys in environment files
- Tokens in command history
- Hardcoded secrets in code
- Weak password patterns
Ports
- Unexpected open ports
- Services exposed to internet
- Missing firewall rules
Configs
- Missing rate limiting
- Disabled authentication
- Default credentials
- Open CORS policies
Files
- World-readable files
- Executable by anyone
- Sensitive files in public dirs
Docker
- Privileged containers
- Missing resource limits
- Root user in container
Auto-Fix
The --fix option automatically:
- Sets restrictive file permissions (600 on .env)
- Secures sensitive configuration files
- Creates .gitignore if missing
- Enables basic security headers
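The Files checks and the 600-on-.env auto-fix both come down to testing POSIX mode bits. The code below is an added example, not the skill's audit.cjs; the SENSITIVE pattern, the severity mapping, the function names and the sample entries are assumptions made for illustration.

```javascript
// Added example: not the skill's audit.cjs. The SENSITIVE pattern and the
// mapping of findings to severity levels are assumptions.
const SENSITIVE = /(^|\/)(\.env(\.[\w.-]+)?|[^/]+\.(pem|key))$/;
const ORDER = ["CRITICAL", "HIGH", "MEDIUM", "INFO"];

// Render the permission bits as three octal digits, e.g. "644".
const octal = (mode) => (mode & 0o777).toString(8).padStart(3, "0");

// entry = { path, mode }, where mode is the value fs.statSync(path).mode returns.
function auditEntry({ path, mode }) {
  const perms = mode & 0o777; // drop file-type bits, keep rwxrwxrwx
  const findings = [];
  if (SENSITIVE.test(path)) {
    // Any group/other bit on a secrets file lets other local users reach it.
    if (perms & 0o077) {
      findings.push({ path, level: "CRITICAL",
        issue: `secrets file is ${octal(mode)}`, fixTo: "600" });
    }
    return findings;
  }
  if (perms & 0o001) {
    findings.push({ path, level: "MEDIUM", issue: "executable by anyone", fixTo: null });
  } else if (perms & 0o004) {
    findings.push({ path, level: "INFO", issue: "world-readable", fixTo: null });
  }
  return findings;
}

// Audit a list of entries and return findings sorted most severe first.
function audit(entries) {
  return entries.flatMap(auditEntry)
    .sort((a, b) => ORDER.indexOf(a.level) - ORDER.indexOf(b.level));
}

// Constructed sample input; 0o100000 is the regular-file type bit.
const sample = [
  { path: "app/.env", mode: 0o100644 },
  { path: "app/.env.production", mode: 0o100600 },
  { path: "scripts/deploy.sh", mode: 0o100777 },
  { path: "config/settings.json", mode: 0o100644 },
  { path: "certs/server.key", mode: 0o100640 },
];

console.log(JSON.stringify(audit(sample), null, 2));
```

Only the secrets-file finding carries a `fixTo` value, mirroring the page's statement that auto-fix sets 600 on .env; the other findings are reported without a proposed change.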
Related skills
- security-monitor - Real-time monitoring (available separately)