Skill

clawdbot-security

From sundial-org-awesome-openclaw-skills-4

Audits and hardens Clawdbot/Moltbot installations: detects exposed gateways, fixes permissions, enables authentication, checks Node.js/mDNS, guides firewall/Tailscale setup. Use post-install on servers/VPS.

Bash

Node

security

Install

npx claudepluginhub joshuarweaver/cascade-ai-ml-agents-misc-2 --plugin sundial-org-awesome-openclaw-skills-4

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Comprehensive security scanner and hardening guide for Clawdbot/Moltbot installations.

Supporting Assets

cli.jspackage.json

SKILL.md

Similar Skills

cache-components

Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.

cache-components

139.2k

mcp-builder

9 files

Guides building MCP servers enabling LLMs to interact with external services via tools. Covers best practices, TypeScript/Node (MCP SDK), Python (FastMCP).

anthropics-skills-13

124.2k

canvas-design

20 files

Generates original PNG/PDF visual art via design philosophy manifestos for posters, graphics, and static designs on user request.

anthropics-skills-13

124.2k

Stats

Stars586

Forks75

Last CommitFeb 1, 2026

Actions

View Source View Plugin View on GitHub View README

Clawdbot Security Audit

Comprehensive security scanner and hardening guide for Clawdbot/Moltbot installations.

Why this matters: 1,673+ Clawdbot gateways were found exposed on Shodan. If you installed Clawdbot on a server or VPS, you might be one of them.

Quick Start

# Scan for issues
npx clawdbot-security-audit

# Scan and auto-fix
npx clawdbot-security-audit --fix

# Deep scan (includes network check)
npx clawdbot-security-audit --deep --fix

What Gets Checked

1. Gateway Binding

Safe: bind: "loopback" (127.0.0.1)
DANGER: bind: "lan" or bind: "0.0.0.0"

2. File Permissions

Config directory: 700 (owner only)
Config file: 600 (owner read/write only)
Credentials: 700 (owner only)

3. Authentication

Token auth or password auth should be enabled
Without auth, anyone who finds your gateway has full access

4. Node.js Version

Minimum: 20.x
Recommended: 22.12.0+
Older versions have known vulnerabilities

5. mDNS Broadcasting

Clawdbot uses Bonjour for local discovery
On servers, this should be disabled

6. External Accessibility (--deep)

Checks if your gateway port is reachable from the internet
Uses your public IP to test

Manual Hardening Steps

Step 1: Bind to Localhost Only

// ~/.clawdbot/clawdbot.json
{
  "gateway": {
    "bind": "loopback",
    "port": 18789
  }
}

Step 2: Lock File Permissions

chmod 700 ~/.clawdbot
chmod 600 ~/.clawdbot/clawdbot.json
chmod 700 ~/.clawdbot/credentials

Step 3: Enable Authentication

{
  "gateway": {
    "auth": {
      "mode": "token"
    }
  }
}

Then set the token:

export CLAWDBOT_GATEWAY_TOKEN=$(openssl rand -hex 32)

Step 4: Disable mDNS

export CLAWDBOT_DISABLE_BONJOUR=1

Step 5: Set Up Firewall (UFW)

# Default deny incoming
sudo ufw default deny incoming
sudo ufw default allow outgoing

# Allow SSH (don't lock yourself out!)
sudo ufw allow ssh

# Allow Tailscale if using
sudo ufw allow in on tailscale0

# Enable firewall
sudo ufw enable

# DO NOT allow port 18789 publicly!

Step 6: Set Up Tailscale (Recommended)

# Install
curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up

# Configure Clawdbot
# Add to clawdbot.json:
{
  "gateway": {
    "bind": "loopback",
    "tailscale": {
      "mode": "serve"
    }
  }
}

What Gets Exposed When Vulnerable

When a Clawdbot gateway is exposed:

❌ Complete conversation histories (Telegram, WhatsApp, Signal, iMessage)
❌ API keys (Claude, OpenAI, etc.)
❌ OAuth tokens and bot credentials
❌ Full shell access to the host machine
❌ All files in the workspace

Prompt injection attacks can extract this data with a single email or message.

Checklist

Gateway bound to loopback only
File permissions locked down (700/600)
Authentication enabled (token or password)
Node.js 22.12.0+
mDNS disabled on servers
Firewall configured (UFW)
Tailscale for remote access (not port forwarding)
SSH key-only auth (no passwords)

Installation

# npm
npm install -g clawdbot-security-audit

# ClawdHub
clawdhub install lxgicstudios/clawdbot-security

Built by LXGIC Studios - @lxgicstudios