← 返回 Skill 列表

extension

分类: 安全与合规无需 API Key

ClawShield

{ "translation": "OpenClaw 安全审计与提示注入检测。扫描网关、漏洞、定时任务及注入模式，用于加固安装安全。" }

ClawShield

Purpose

Audit a local OpenClaw install for security posture and common prompt-injection indicators. Produces a JSON report for review and alerting.

Workflow

Canvas present: Launch the panel server and present the UI.
User config: Update config.yaml (scan frequency, alerts, sensitivity).
Cron setup: Schedule scripts/audit.sh at the chosen cadence.
Report/Alert: Review JSON output and alert if prompt-injection hits or unexpected open ports are found.

Usage

Panel (recommended)

node scripts/panel-server.js

Then present the UI:

canvas.present → http://localhost:8133 (Scan / Settings / Logs)

Config (CLI)

node scripts/config.js get
node scripts/config.js set Scan_freq daily alerts telegram sensitivity high

Audit (CLI)

bash scripts/audit.sh > report.json

Notes

Local-only scans; no network calls outside localhost.
Panel server is local and stores the last report at logs/last-report.json.
config.yaml defaults: Scan_freq=daily, alerts=telegram, sensitivity=high.
Safe for routine security checks and “frenzy-proofing”.

Contact: Jeffrey Coleman | smallbizailab79@gmail.com | Custom audits/enterprise.