← 返回 Skill 列表

extension

分类: 安全与合规无需 API Key

Openclaw Security Guard

OpenClaw 安全审计 CLI 与实时仪表盘。扫描密钥泄露、配置问题、提示词注入、易受攻击依赖及未验证的 MCP 服务器。零遥测。

OpenClaw Security Guard

The missing security layer for your OpenClaw installation.

What it does

Run openclaw-guard audit to scan your OpenClaw setup across 5 categories:

Secrets Scanner -- Detects API keys, tokens, passwords across 15+ formats + entropy analysis
Config Auditor -- Checks sandbox mode, DM policy, gateway binding, rate limiting
Prompt Injection Detector -- 50+ patterns: instruction overrides, role hijacking, jailbreaks
Dependency Scanner -- npm CVE scanning
MCP Server Auditor -- Allowlist-based verification of installed MCP servers

Quick start

npm install -g openclaw-security-guard

# Full audit
openclaw-guard audit

# Fix issues automatically (with backup)
openclaw-guard fix --auto

# Launch live dashboard
openclaw-guard dashboard

Features

Security Score (0-100) -- one number for your security posture
Auto-hardening -- interactive, automatic, or dry-run modes
Live dashboard -- real-time monitoring at localhost:18790
Pre-commit hooks -- catch secrets before they're committed
Multi-language -- English, French, Arabic
Zero telemetry -- no tracking, no network requests, 100% local

Links

Repository: https://github.com/2pidata/openclaw-security-guard
Author: Miloud Belarebia / 2PiData
License: MIT