openclaw-security-guard
Health Pass
- License — License: NOASSERTION
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Community trust — 15 GitHub stars
Code Fail
- os.homedir — User home directory access in src/dashboard/server.js
- network request — Outbound network request in src/dashboard/server.js
Permissions Pass
- Permissions — No dangerous permissions requested
This tool provides a comprehensive security layer for OpenClaw installations, offering a CLI scanner and live dashboard to detect secrets, harden configurations, and scan for prompt injections.
Security Assessment
The tool requires access to the user's home directory (`os.homedir`), which makes sense for a utility designed to scan local configurations, but users should be aware it can access personal file paths. It also makes outbound network requests within its dashboard server component. It does not request dangerous system permissions, and no hardcoded secrets were detected. Overall risk is rated as Medium—the file and network access are expected for its feature set, but warrant a code review before exposing the dashboard to unprotected networks.
Quality Assessment
The project appears to be actively maintained, with repository pushes happening as recently as today. It claims MIT licensing in the documentation, though the automated scanner flagged the repository license as "NOASSERTION," meaning developers should manually verify the legal terms before adopting it in commercial projects. Community trust is currently limited but present, with 15 GitHub stars.
Verdict
Use with caution.
Complete security layer for OpenClaw - CLI Scanner + Live Dashboard. Secrets detection, config hardening, prompt injection scanning, MCP server auditing. Zero telemetry.
OpenClaw Security Guard
The missing security layer for your OpenClaw installation.
Audit. Monitor. Protect. All from one tool.
Built by Miloud Belarebia at 2PiData — for the OpenClaw community.
Upstream integration: The core runtime guardrails from this tool are being integrated as an official OpenClaw extension — see PR #17273 and Discussion #17275. This standalone CLI tool will continue to be maintained for additional features (dashboard, secrets scanning, auto-hardening, dependency auditing).
The Problem
You installed OpenClaw. It works great. But ask yourself:
- Are your API keys exposed in config files or skills?
- Is your sandbox mode properly configured?
- Do your MCP servers come from verified sources?
- Could a prompt injection be hiding in your workspace files?
- Are your npm dependencies free of known vulnerabilities?
If you're not sure, you need this tool.
Quick Start
# Install globally
npm install -g openclaw-security-guard
# Run your first audit
openclaw-guard audit
# Fix issues automatically
openclaw-guard fix --auto
# Launch the live dashboard
openclaw-guard dashboard
30 seconds. That's all it takes to know your security posture.
Why Security Guard?
There are other security tools in the OpenClaw ecosystem. Here's how they compare:
| Feature | Built-in security audit | ClawSec | OpenClaw Shield | Security Guard |
|---|---|---|---|---|
| Secrets scanning (API keys, tokens) | Basic | Yes | Yes | 15+ formats + entropy |
| Config hardening & auto-fix | No | Partial | Partial | Full auto-fix, 3 modes |
| Prompt injection detection | No | No | Basic | 50+ patterns |
| MCP server verification | No | No | No | Allowlist-based |
| npm dependency scanning | No | No | No | Yes |
| Live web dashboard | No | No | No | Real-time scoring |
| API cost monitoring | No | No | No | Daily/monthly |
| Pre-commit hooks | No | No | No | Yes |
| Multi-language (EN/FR/AR) | No | No | No | Yes |
| Zero telemetry guaranteed | Unknown | Unknown | Unknown | 100% local |
Security Guard doesn't replace these tools. It fills the gaps they leave.
What You Get
5 Application Scanners + Infrastructure Module
| Scanner | What it catches |
|---|---|
| Secrets Scanner | API keys, tokens, passwords, private keys, webhook URLs. Uses pattern matching + Shannon entropy analysis. |
| Config Auditor | Weak sandbox mode, open DM policy, public gateway binding, disabled rate limiting, elevated mode risks. |
| Prompt Injection Detector | 50+ patterns: instruction overrides, role hijacking, data exfiltration, delimiter manipulation, jailbreak attempts. |
| Dependency Scanner | Known CVEs in your npm dependency tree. |
| MCP Server Auditor | Unverified MCP servers not in the community allowlist. |
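The pattern-plus-entropy approach named for the Secrets Scanner, shown as an added example that is not the project's own code: a credential-style assignment pattern gated by a Shannon entropy threshold. The regex, the 16-character floor, the 4.0-bit threshold and the function names are assumptions.

```javascript
// Shannon entropy in bits per character: H = -sum(p * log2(p)).
function shannonEntropy(s) {
  const chars = [...s];
  if (chars.length === 0) return 0;
  const counts = new Map();
  for (const ch of chars) counts.set(ch, (counts.get(ch) || 0) + 1);
  let h = 0;
  for (const n of counts.values()) {
    const p = n / chars.length;
    h -= p * Math.log2(p);
  }
  return h;
}

// Assumed pattern: a quoted value of 16+ characters assigned to a key whose
// name suggests a credential.
const ASSIGNMENT = /(api[_-]?key|token|secret|password)["']?\s*[:=]\s*["']([^"'\s]{16,})["']/gi;

function findSecrets(text, minEntropy = 4.0) {
  const findings = [];
  text.split('\n').forEach((line, i) => {
    for (const m of line.matchAll(ASSIGNMENT)) {
      const entropy = shannonEntropy(m[2]);
      // The pattern alone also matches placeholders; the entropy gate drops them.
      if (entropy >= minEntropy) {
        // Report location and key name only, never the matched value.
        findings.push({ line: i + 1, key: m[1], entropy: Number(entropy.toFixed(2)) });
      }
    }
  });
  return findings;
}

// Constructed sample input; the last value is random filler, not a real credential.
const SAMPLE = [
  '{',
  '  "apiKey": "xxxxxxxxxxxxxxxxxxxxxxxx",',
  '  "token": "changeme-changeme-changeme",',
  '  "api_key": "q7Rz2LpX9vKd4TnB8mWs1YhC6jFg3AeU"',
  '}',
].join('\n');

console.log(findSecrets(SAMPLE));
```

All three sample lines match the pattern; only the third clears the entropy threshold, which is the false-positive reduction the entropy step buys.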
Infrastructure Security (opt-in)
For production deployments, add --infra to scan your server:
openclaw-guard audit --infra
| Scanner | What it checks |
|---|---|
| Network Security | Firewall status (UFW/firewalld/macOS), public port exposure, gateway bound to 0.0.0.0 vs 127.0.0.1 |
| SSH Access Control | Password authentication, root login, fail2ban status, failed login attempts (24h) |
| System Hardening | Security updates available, config file permissions (600 vs 777), unattended upgrades |
| TLS / Certificates | Reverse proxy (Caddy/Nginx), Tailscale/WireGuard VPN status |
| Resource Security | Disk usage (DoS risk at >90%), memory usage monitoring |
The infra module catches what application scanning misses:
- App score says 85/100, but gateway is on 0.0.0.0 with SSH password auth enabled = actually vulnerable
- With --infra, the combined score reflects the real picture
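Three of the infrastructure checks listed above (gateway bind address, SSH password and root login, config file permissions) written as pure functions. This is an added example, not the project's code; the input shape and finding names are assumptions, and only the global section of sshd_config is evaluated.

```javascript
// Effective global sshd settings: keywords are case-insensitive and the FIRST
// occurrence of a keyword wins. Match blocks and Include files are not followed.
function sshdEffective(configText) {
  const seen = Object.create(null);
  for (const raw of configText.split('\n')) {
    const line = raw.replace(/#.*$/, '').trim();
    if (!line) continue;
    const [keyword, value = ''] = line.split(/[\s=]+/, 2);
    const key = keyword.toLowerCase();
    if (key === 'match') break;
    if (!(key in seen)) seen[key] = value.toLowerCase();
  }
  return {
    // OpenSSH defaults apply when a keyword is absent.
    passwordAuth: (seen.passwordauthentication ?? 'yes') === 'yes',
    // Strict reading (assumption): anything other than "no" still lets root log in.
    rootLogin: (seen.permitrootlogin ?? 'prohibit-password') !== 'no',
  };
}

// Any group/other permission bit is a finding: 600 passes, 644 and 777 fail.
function modeTooOpen(mode) {
  return (mode & 0o077) !== 0;
}

function isPublicBind(host) {
  return host === '0.0.0.0' || host === '::';
}

function auditInfra({ gatewayHost, configMode, sshdConfig }) {
  const ssh = sshdEffective(sshdConfig);
  const findings = [];
  if (isPublicBind(gatewayHost)) findings.push('gateway-public-bind');
  if (ssh.passwordAuth) findings.push('ssh-password-auth');
  if (ssh.rootLogin) findings.push('ssh-root-login');
  if (modeTooOpen(configMode)) findings.push('config-file-permissions');
  return findings;
}

// Constructed sample: sshd ignores the second PasswordAuthentication line.
const SAMPLE_SSHD = [
  '# constructed sshd_config',
  'PasswordAuthentication yes',
  'PermitRootLogin no',
  'PasswordAuthentication no',
].join('\n');

console.log(auditInfra({ gatewayHost: '0.0.0.0', configMode: 0o644, sshdConfig: SAMPLE_SSHD }));
```

A checker that takes the last `PasswordAuthentication` line instead of the first would report this host as hardened while sshd still accepts passwords.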
Auto-Hardening
Three modes to fix issues your way:
openclaw-guard fix # Interactive: review each fix
openclaw-guard fix --auto # Automatic: fix everything, backup first
openclaw-guard fix --dry-run # Preview: see what would change
Every fix creates a timestamped backup. Nothing is irreversible.
Security Score (0-100)
One number that tells you where you stand:
| Score | Meaning |
|---|---|
| 80-100 | You're in good shape. |
| 60-79 | Some issues to review. |
| Below 60 | Action required now. |
Deductions: critical finding = -10, high = -5, medium = -2. Sandbox off = -20. Open DM policy = -15.
Live Dashboard
openclaw-guard dashboard
Opens a password-protected web dashboard at http://localhost:18790 with:
- Real-time security score that updates as threats are detected
- Request monitoring with requests-per-minute tracking
- Cost tracking for API usage (daily/monthly limits)
- Threat feed showing prompt injection attempts, blocked requests, rate limit hits
- Config overview at a glance
The dashboard runs on localhost only, uses PBKDF2 password hashing (100k iterations, SHA-512), and connects to your OpenClaw gateway via WebSocket.
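What PBKDF2 with 100k iterations and SHA-512 looks like in Node's built-in crypto module, with a constant-time comparison on verify. This is an added example, not the dashboard's code; the salt size, key length, stored-record format and function names are assumptions.

```javascript
const { pbkdf2Sync, randomBytes, timingSafeEqual } = require('node:crypto');

const ITERATIONS = 100000; // as stated for the dashboard
const DIGEST = 'sha512';   // as stated for the dashboard
const KEY_LEN = 64;        // bytes; assumption (SHA-512 output size)
const SALT_LEN = 16;       // bytes; assumption

// Record format (assumption): pbkdf2$sha512$<iterations>$<salt hex>$<hash hex>,
// so the parameters travel with the hash.
function hashPassword(password, salt = randomBytes(SALT_LEN)) {
  const hash = pbkdf2Sync(password, salt, ITERATIONS, KEY_LEN, DIGEST);
  return ['pbkdf2', DIGEST, ITERATIONS, salt.toString('hex'), hash.toString('hex')].join('$');
}

function verifyPassword(password, stored) {
  const parts = stored.split('$');
  if (parts.length !== 5 || parts[0] !== 'pbkdf2' || parts[1] !== DIGEST) return false;
  const iterations = Number(parts[2]);
  // Reject records weaker than the current policy rather than accepting a downgrade.
  if (!Number.isInteger(iterations) || iterations < ITERATIONS) return false;
  const salt = Buffer.from(parts[3], 'hex');
  const expected = Buffer.from(parts[4], 'hex');
  if (salt.length === 0 || expected.length !== KEY_LEN) return false;
  const actual = pbkdf2Sync(password, salt, iterations, KEY_LEN, DIGEST);
  // Constant-time comparison; both buffers are KEY_LEN bytes at this point.
  return timingSafeEqual(actual, expected);
}

// Constructed sample password.
const record = hashPassword('correct horse battery staple');
console.log(verifyPassword('correct horse battery staple', record));
console.log(verifyPassword('wrong password', record));
```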
CLI Reference
| Command | Description |
|---|---|
| openclaw-guard audit | Full security audit |
| openclaw-guard audit --deep | Deep scan with entropy analysis |
| openclaw-guard audit --quick | Fast scan, skip advanced checks |
| openclaw-guard audit --infra | Include infrastructure scanning (network, SSH, system) |
| openclaw-guard audit --ci | CI mode (exit code 1 on critical issues) |
| openclaw-guard fix | Interactive fix mode |
| openclaw-guard fix --auto | Automatic fix with backup |
| openclaw-guard fix --dry-run | Preview fixes without applying |
| openclaw-guard dashboard | Start live dashboard |
| openclaw-guard dashboard -p 3000 | Custom port |
| openclaw-guard scan secrets | Scan for secrets only |
| openclaw-guard scan config | Audit config only |
| openclaw-guard scan prompts | Detect prompt injections only |
| openclaw-guard report -f html | Generate HTML report |
| openclaw-guard report -f json | Generate JSON report |
| openclaw-guard hooks install | Install pre-commit hook |
| openclaw-guard hooks status | Check hook status |
Global Options
| Option | Description |
|---|---|
| -c, --config <path> | Custom config file path |
| -l, --lang <lang> | Language: en, fr, ar |
| -v, --verbose | Verbose output |
| -q, --quiet | No banner |
Configuration
Create .openclaw-guard.json in your project root or home directory:
{
  "scanners": {
    "secrets": {
      "enabled": true,
      "exclude": ["*.test.js", "node_modules/**"]
    },
    "config": {
      "enabled": true,
      "strict": true
    },
    "prompts": {
      "enabled": true,
      "sensitivity": "high"
    },
    "mcpServers": {
      "allowlist": [
        "mcp-server-filesystem",
        "mcp-server-fetch",
        "mcp-server-memory",
        "mcp-server-sqlite",
        "mcp-server-git",
        "mcp-server-github"
      ],
      "blockUnknown": false
    }
  },
  "monitors": {
    "cost": {
      "dailyLimit": 10,
      "monthlyLimit": 100
    }
  },
  "dashboard": {
    "port": 18790
  }
}
Programmatic API
Use Security Guard as a library in your own projects:
import { quickAudit, checkPromptInjection } from 'openclaw-security-guard';
// Full audit
const results = await quickAudit('~/.openclaw');
console.log(`Score: ${results.securityScore}/100`);
console.log(`Critical: ${results.summary.critical}`);
// Check a message for injection
const check = await checkPromptInjection('ignore all previous instructions');
console.log(check.safe); // false
// Individual scanners
import { SecretsScanner, ConfigAuditor, McpServerAuditor } from 'openclaw-security-guard';
const scanner = new SecretsScanner({});
const result = await scanner.scan('/path/to/openclaw');
Privacy & Security
This is a security tool. It should be secure itself. Here's the commitment:
| Telemetry | None. Zero. |
| Network requests | None (except local WebSocket to your gateway) |
| Data collection | None |
| Cloud dependency | None |
| Dashboard access | localhost only, password-protected |
| Password storage | PBKDF2, 100k iterations, SHA-512 |
| Input validation | Zod schemas everywhere |
| Report generation | XSS-safe, path-traversal-safe |
See SECURITY.md for the full security policy.
Documentation
| Language | Link |
|---|---|
| English | docs/en/README.md |
| French | docs/fr/README.md |
| Arabic | docs/ar/README.md |
Contributing
PRs welcome. See CONTRIBUTING.md.
git clone https://github.com/2pidata/openclaw-security-guard.git
cd openclaw-security-guard
npm install
npm test # 25 tests, 0 warnings
License
Created by Miloud Belarebia at 2PiData
Inspired by detect-secrets, trivy, and OWASP.
If this tool helps you, leave a star. It helps others find it too.
github.com/2pidata/openclaw-security-guard