audit-openclaw-security

Teach the agent to perform a defensive, permissioned security audit of an OpenClaw deployment and produce an actionable report + remediation plan.

OpenClaw is a local-first personal AI assistant with a Gateway control plane, multi-channel inbox, tools (browser/fs/exec/nodes), and optional remote access patterns. The goal of this skill is to reduce attack surface (network + identity), minimise agent permissions, and protect secrets/transcripts.

Collect just enough context to pick the right audit path:

Audit and harden OpenClaw (Gateway + agents) security. Use when the user asks to audit/secure/harden OpenClaw; when troubleshooting risky exposure (especially the Gateway web UI/control plane on port 18789); when reviewing DM/group access control (pairing/allowlists/mention-gating); tool permissions (exec/fs/browser/nodes/gateway/cron); plugins/skills supply-chain risk; secrets/transcripts/log retention; or when deploying OpenClaw on a Mac mini, personal laptop, Docker host, or cloud VM (AWS EC2/VPS). Source: tristanmanchester/agent-skills.