| name | clawsecurity |
| description | Security scanning and remediation for AI coding agents. Scan code for vulnerabilities, generate fix patches, detect sensitive data leaks, and produce compliance reports — all from your OpenClaw agent. |
| user-invocable | true |
| metadata | {"openclaw":{"emoji":"🛡️","homepage":"https://clawsecurity.altllm.ai","os":["darwin","linux","win32"],"requires":{"env":["CLAWSEC_API_KEY"]},"primaryEnv":"CLAWSEC_API_KEY","skillKey":"clawsecurity","install":[{"id":"clawsec-cli","kind":"node","label":"Install ClawSecurity CLI via npm","package":"@clawsec/cli"}]}} |
ClawSecurity — AI Agent Security Skill
Security scanning, remediation, and monitoring for OpenClaw agents.
What This Skill Does
ClawSecurity protects AI coding agents by scanning code for vulnerabilities, generating minimal fix patches, detecting sensitive data in agent I/O, and producing compliance reports.
This skill provides lightweight security features from chat. For full real-time protection — live process monitoring, network inspection, I/O interception, prompt injection detection (55+ patterns), behavioral analysis, and automated quarantine — install the ClawSecurity desktop app.
Available for Linux (.deb, .rpm, .AppImage), macOS (Apple Silicon + Intel .dmg), and Windows (.msi, .exe).
Skill vs Desktop App
| Feature | Skill (this) | Desktop App |
|---|
| Code vulnerability scanning | Yes | Yes |
| Fix patch generation | Yes | Yes |
| Security reports | Yes | Yes |
| Sensitive data detection (on-demand) | Yes | Yes |
| Live process monitoring | — | Yes |
| Live network inspection | — | Yes |
| Real-time I/O interception | — | Yes |
| Prompt injection detection (55+ patterns) | — | Yes |
| DLP — data loss prevention | — | Yes |
| Automated quarantine (suspend/kill) | — | Yes |
| Policy engine (programmable rails) | — | Yes |
| OWASP Agentic Top 10 coverage | Partial | Full |
API Base
All API calls use https://api.clawsecurity.altllm.ai/api/v1. Authenticate with the CLAWSEC_API_KEY environment variable via the Authorization: Bearer $CLAWSEC_API_KEY header.
Commands
/clawsec-scan — Run a Security Scan
Scan a repository or directory for vulnerabilities using Semgrep, Trivy, and osv-scanner.
Usage: /clawsec-scan <repo-url-or-path>
API Call:
POST /api/v1/scans
Content-Type: application/json
Authorization: Bearer $CLAWSEC_API_KEY
{ "repoUrl": "<repo-url>" }
Response: Returns a scan_id and queues the scan. Poll GET /api/v1/scans/<scan_id> until status is "completed".
Result fields:
id — Scan ID
status — queued | running | completed | failed
findingsCount — Total vulnerabilities found
findings[] — Array of findings with severity, file, line, title, owasp, cwe
/clawsec-fix — Generate a Fix Patch
Generate a minimal security patch for a specific vulnerability finding.
Usage: /clawsec-fix <finding-id>
API Call:
GET /api/v1/fixes/<finding-id>/preview
Authorization: Bearer $CLAWSEC_API_KEY
Response:
fixId — Fix ID
redactedPatch — Preview of the patch (redacted for free users)
locCount — Lines of code changed
confidence — HIGH | MEDIUM | LOW
To download the full patch (requires Pro or Enterprise subscription):
GET /api/v1/fixes/<fix-id>/patch
Authorization: Bearer $CLAWSEC_API_KEY
Returns a unified diff .patch file.
/clawsec-report — Generate a Security Report
Generate a comprehensive security assessment report from scan results.
Usage: /clawsec-report <scan-id> [format]
API Call:
GET /api/v1/scans/<scan_id>/report?format=markdown
Authorization: Bearer $CLAWSEC_API_KEY
Formats: json (default), markdown, html, sarif
Report sections:
- Executive summary with security health score (0-100)
- Detailed findings with OWASP/CWE mapping
- Before/after code comparison (if fixes applied)
- Compliance matrix (OWASP Top 10, OWASP LLM Top 10)
- Remediation roadmap with priority ordering
- Dependency health and license compliance
/clawsec-monitor — Check Agent I/O for Sensitive Data
Detect sensitive data (API keys, secrets, PII) in agent input/output streams.
Usage: /clawsec-monitor <text-to-check>
API Call:
POST /api/v1/dynamic/events
Content-Type: application/json
Authorization: Bearer $CLAWSEC_API_KEY
{
"events": [
{
"type": "stdout",
"content": "<text-to-check>",
"timestamp": "<ISO8601>"
}
]
}
Detection categories: API keys, cloud credentials, private keys, database URIs, authentication tokens, PII (emails, phone numbers, SSNs)
Response: Returns detected sensitive data patterns with category, severity, and redacted preview.
Workflow: Full Security Assessment
- Scan —
/clawsec-scan . to scan the current project
- Review — Read the findings, prioritize by severity (CRITICAL > HIGH > MEDIUM > LOW)
- Fix —
/clawsec-fix <finding-id> for each critical/high finding
- Apply — Download and apply patches to the codebase
- Verify — Re-scan to confirm fixes resolved the vulnerabilities
- Report —
/clawsec-report <scan-id> markdown for stakeholder distribution
Scan Engines
| Engine | What It Detects |
|---|
| Semgrep | SAST — injection, XSS, auth bypass, insecure crypto, hardcoded secrets |
| Trivy | Dependency CVEs, container misconfigs, IaC security issues |
| osv-scanner | Open-source vulnerability database (OSV) lookup |
| Custom Rules | Anthropic Red Team 2026 disclosures, AI-specific attack patterns |
Severity Levels
| Level | Meaning | Action |
|---|
| CRITICAL | Actively exploitable, data breach risk | Fix immediately |
| HIGH | Significant vulnerability, likely exploitable | Fix within 24h |
| MEDIUM | Moderate risk, requires specific conditions | Fix within 1 week |
| LOW | Minor issue, defense-in-depth improvement | Fix when convenient |
Subscription Tiers
| Free | Pro (Coming Soon) | Enterprise (Coming Soon) |
|---|
| Security scans | Unlimited | Unlimited | Unlimited |
| Fix patches | — | Included | Unlimited |
| Priority queue | — | Yes | Yes |
| API access | — | — | Full |
| Support | Community | Email | Dedicated |
Sign up at clawsecurity.altllm.ai.
Guardrails
- Read-only scanning: Never modify scanned files during a scan
- Credential safety: Never include real secrets in reports or logs
- Minimal patches: Fix only the root cause, do not refactor surrounding code
- Confidence gating: Flag LOW confidence fixes for human review
- Sensitive data: Redact detected secrets before displaying to user