AgentSkillsCN

openclaw-security

统一的安全防护套件,为代理工作空间保驾护航。只需一条命令,即可一站式安装、配置并协同运作全部 11 项 OpenClaw 安全工具——涵盖完整性保障、敏感信息管理、权限控制、网络防护、审计追踪、签名认证、供应链安全、凭据管理、注入防御、合规监管以及事件响应。

SKILL.md
--- frontmatter
name: openclaw-security
description: "Unified security suite for agent workspaces. Installs, configures, and orchestrates all 11 OpenClaw security tools in one command — integrity, secrets, permissions, network, audit trail, signing, supply chain, credentials, injection defense, compliance, and incident response."
user-invocable: true
metadata: {"openclaw":{"emoji":"🔒","requires":{"bins":["python3"]},"os":["darwin","linux","win32"]}}

OpenClaw Security Suite

One skill to install, configure, and orchestrate the entire OpenClaw security stack.

Install All Security Tools

bash
python3 {baseDir}/scripts/security.py install --workspace /path/to/workspace

Installs all 11 free security skills from ClawHub.

Unified Dashboard

bash
python3 {baseDir}/scripts/security.py status --workspace /path/to/workspace

Aggregated health check across all installed security tools.

Full Security Scan

bash
python3 {baseDir}/scripts/security.py scan --workspace /path/to/workspace

Runs every scanner: integrity verification, secret detection, permission audit, network DLP, supply chain analysis, injection scanning, credential exposure, and compliance audit.

First-Time Setup

bash
python3 {baseDir}/scripts/security.py setup --workspace /path/to/workspace

Initializes all tools that need it: integrity baseline, skill signing, audit ledger, compliance policy.

Update All Tools

bash
python3 {baseDir}/scripts/security.py update --workspace /path/to/workspace

Updates all installed security skills to latest versions via ClawHub.

List Installed Tools

bash
python3 {baseDir}/scripts/security.py list --workspace /path/to/workspace

Shows which security tools are installed and their versions.

Pro Protection Sweep

bash
python3 {baseDir}/scripts/security.py protect --workspace /path/to/workspace

Runs automated countermeasures across all installed Pro tools. Requires Pro versions.

What Gets Orchestrated

ToolDomainFreePro
wardenWorkspace integrity, injection detectionDetectRestore, rollback, quarantine
sentrySecret/credential scanningDetectRedact, quarantine
arbiterPermission auditingDetectRevoke, enforce
egressNetwork DLP, exfiltration detectionDetectBlock, allowlist
ledgerHash-chained audit trailRecordFreeze, forensics
signetCryptographic skill signingVerifyReject, restore
sentinelSupply chain securityScanQuarantine, block
vaultCredential lifecycleAuditFix, rotate
bastionPrompt injection defenseScanSanitize, enforce
marshalCompliance/policy enforcementAuditEnforce, hooks
triageIncident response & forensicsInvestigateContain, remediate

Requirements

  • Python 3.8+
  • No external dependencies (stdlib only)
  • Cross-platform: Windows, macOS, Linux