A comprehensive security tool for OpenClaw users to protect their AI assistant.
# Run security audit
python3 {baseDir}/scripts/main.py audit
# Scan for secrets
python3 {baseDir}/scripts/main.py scan
# Generate report
python3 {baseDir}/scripts/main.py report --format md
# Check token status
python3 {baseDir}/scripts/main.py token status
# Access control
python3 {baseDir}/scripts/main.py access list
# Security hardening
python3 {baseDir}/scripts/main.py harden --fix
# Quick status check
python3 {baseDir}/scripts/main.py status
--format, -f <format> Output format: json, md, table (default: table)
--lang, -l <lang> Language: en, zh (default: auto-detect)
--quiet, -q Quiet mode, only output results
--verbose, -v Verbose output
--output, -o <file> Output file path
--deep Deep scan mode
--fix Auto-fix issues where possible
| Category | Checks |
|---|---|
| ---------- | -------- |
| Config | Gateway bind, auth mode, token strength |
| Secrets | API keys, tokens, passwords, private keys |
| Access | Devices, users, channels, sessions |
| Network | Public exposure, open ports |
# Full audit with auto-fix
python3 {baseDir}/scripts/main.py audit --deep --fix
# Generate markdown report
python3 {baseDir}/scripts/main.py report --format md -o security.md
# Scan for specific pattern
python3 {baseDir}/scripts/main.py scan --pattern "sk-"
# List all paired devices
python3 {baseDir}/scripts/main.py access devices
# Generate JSON report
python3 {baseDir}/scripts/main.py report --format json
🔐 OpenClaw Security Guard v1.0.0
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
📊 Security Score: 72/100 ⚠️
🔴 HIGH RISK
• API Key exposed in config file
Location: ~/.openclaw/openclaw.json:15
{
"score": 72,
"findings": [...]
}
# Security Report
**Score**: 72/100
Auto-detected based on system locale.
MIT
v1.0.0
共 1 个版本