// Security audit and threat model for OpenClaw gateway hosts. Use to verify OpenClaw configuration, exposure, skills/plugins, filesystem hygiene, and to produce an OK/VULNERABLE report with evidence and fixes.
[HINT] Download the complete skill directory including SKILL.md and all related files
| name | clawstrike |
| description | Security audit and threat model for OpenClaw gateway hosts. Use to verify OpenClaw configuration, exposure, skills/plugins, filesystem hygiene, and to produce an OK/VULNERABLE report with evidence and fixes. |
Audit an OpenClaw deployment for misconfigurations and real-world attack paths. Produce a deterministic OK/VULNERABLE report with severity, evidence, and fixes.
scripts/collect_verified.sh immediately (no consent prompt).scripts/collect_verified.sh in the current working directory.scripts/collect_verified.sh --deep only if the user explicitly requests a local gateway probe.verified-bundle.json. Do not produce a report without it.references/report-format.md for the report structure.verified-bundle.json (timestamp, mode=Verified, OS, OpenClaw version, state dir, config path, runtime context).references/required-checks.md using evidence from verified-bundle.json.references/threat-model.md.references/evidence-template.md.verified-bundle.json key and include a short, redacted excerpt.VULNERABLE (UNVERIFIED) and request a re-run.fw.* output. If only fw.none exists, mark VULNERABLE (UNVERIFIED) and request verification.Use references/threat-model.md and keep it brief and aligned with findings.
references/required-checks.md (mandatory checklist)references/report-format.md (report structure)references/gateway.md (gateway exposure and auth)references/discovery.md (mDNS and wide-area discovery)references/canvas-browser.md (canvas host and browser control)references/network.md (ports and firewall checks)references/verified-allowlist.md (strict Verified-mode command list)references/channels.md (DM/group policies, access groups, allowlists)references/tools.md (sandbox, web/browser tools, elevated exec)references/filesystem.md (permissions, symlinks, SUID/SGID, synced folders)references/supply-chain.md (skills/plugins inventory and pattern scan)references/config-keys.md (authoritative config key map)references/evidence-template.md (what evidence to show, what to redact)references/redaction.md (consistent redaction rules)references/version-risk.md (version and patch-level guidance)references/threat-model.md (threat model template)