Security Sentinel OpenClaw Skill - ClawHub
Do you want your AI agent to automate Security Sentinel workflows? This free skill from ClawHub helps with security & passwords tasks without building custom tools from scratch.
What this skill does
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
Install
npx clawhub@latest install security-sentinelFull SKILL.md
Open original| name | description |
|---|---|
| security-sentinel | Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations. |
Security Sentinel
A unified security scanner for OpenClaw workspaces. Detects vulnerabilities in dependencies (npm audit), exposed secrets (regex patterns), and unsafe file permissions.
Usage
CLI
Run a full security scan:
node skills/security-sentinel/index.js
This will output a JSON report to stdout. If risks are detected (high/critical vulnerabilities, secrets, or bad permissions), it exits with code 1.
Options
--skip-audit: Skip the npm audit step (faster)--no-fail: Do not exit with code 1 even if risks are detected (useful for monitoring only)
Programmatic
const sentinel = require('./skills/security-sentinel');
const report = await sentinel.scan();
if (report.status === 'risk_detected') {
console.error('Security issues found:', report);
}
Features
- Dependency Audit: Runs
npm auditto checkpackage.jsondependencies for known CVEs. - Secret Detection: Scans workspace files for patterns resembling API keys, passwords, and private keys.
- Permission Check: Verifies critical files (
package.json,.env) are not world-writable.
Configuration
- Ignored Paths:
node_modules,.git,logs,temp,.openclaw/cache. - Secret Patterns: Generic API Key, Password, Private Key, Feishu App Secret.