Perform security compliance checks on MCP/LLM application configurations.
When the user invokes this skill, run security checks on their configuration.
cd {baseDir}/../../ && uv run python main.py check --config "<config_path>" --format json
config_path: Path to the configuration file to check (JSON/YAML/TOML)--auto to auto-discover config:```bash
cd {baseDir}/../../ && uv run python main.py check --auto --format json
```
--auto```bash
cd {baseDir}/../../ && uv run python main.py check --config "
```
```json
{
"summary": {
"overall_status": "安全|注意|高危",
"total": 10,
"passed": 7,
"failed": 3,
"by_level": {"safe": 7, "attention": 2, "high_risk": 1}
},
"failed_results": [
{
"name": "检查项名称",
"category": "安全类别",
"level": "高危|注意",
"message": "问题描述",
"risk_description": "风险说明",
"remediation": "整改建议",
"fix_commands": ["command to fix"]
}
]
}
```
0: All checks passed (safe)1: Attention items found2: High-risk items foundUse {baseDir}/example-config.json as a reference template for users who need a starting point.
| Category | Description |
|---|---|
| ---------- | ------------- |
| 配置与密钥 | Secrets in config, hardcoded credentials |
| 权限 | File permissions, access controls |
| 网络暴露 | Network bindings, CORS, exposed ports |
| 插件安全 | MCP server security, plugin sources |
| 日志与审计 | Logging configuration, audit trails |
| 版本信息 | Version exposure, update status |
| OpenClaw安全 | OpenClaw-specific deployment security |
User: "/safeclaw check my config at ./config/mcp.json"
Response:
cd {baseDir}/../../ && uv run python main.py check --config "./config/mcp.json" --format json--format json for machine-readable output{baseDir}/../../ to reach project root{baseDir}/templates/minimal-config.json共 1 个版本