npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

secureclaw

v1.5.0

Published

Security scanner and remediation tool for OpenClaw/Clawdbot - 33+ checks, tier-based fixing, SARIF/HTML/JSON output, zero-trust tunnel detection

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

buguardbuguard

Keywords

securityclawdbotopenclawscannervulnerabilityconfig-detectionsecurity-auditpentestingcybersecuritymcp-securityprompt-injectionsarifcloudflare-tunneltailscale

Readme

🔐 SecureClaw

Cross-platform security scanner and remediation tool for OpenClaw / Clawdbot

SecureClaw is a comprehensive security toolkit that audits and fixes security issues in OpenClaw and Clawdbot installations. It runs 33+ checks across 18 categories, auto-fixes config-level issues, and organizes findings into severity tiers (T1-T4) so you can prioritize what matters most.

  • 🔒 Credential protection (file permissions, ownership hardening)
  • 🛡️ Prompt injection detection
  • 🔑 Plaintext secret detection
  • 👤 Privilege escalation checks
  • 📦 Skill supply chain security
  • 🔍 Code obfuscation detection
  • 📝 Security documentation generation
  • 🌐 Zero-trust tunnel detection (Tailscale, Cloudflare Tunnel)
  • 🧩 OpenClaw-specific checks (commands, sandbox, plugins, agents, hooks)

Installation

npm install -g secureclaw

Zero npm dependencies. Requires Node >= 18.

Quick Start

Audit Mode (Scan Only)

# Auto-detect OpenClaw/Clawdbot installation
secureclaw audit

# Scan specific path
secureclaw audit /path/to/openclaw

# Output as JSON, SARIF, or HTML
secureclaw audit --format json --output report.json
secureclaw audit --format sarif --output report.sarif
secureclaw audit --format html --output report.html

# Filter by minimum severity
secureclaw audit --severity high

Fix Mode (Scan + Remediate)

# Interactive mode (approve each fix)
secureclaw fix

# Automatic mode (apply all fixes)
secureclaw fix --auto

# Fix only critical-tier issues
secureclaw fix --auto --tier T1

# Fix critical + high-risk issues
secureclaw fix --auto --tier T2

Summary Mode

# Quick overview without full scan output
secureclaw summary

Features

🔍 Security Checks (18 Categories, 33+ Checks)

  1. Control Panel Security - Gateway authentication, token strength, IP binding, zero-trust tunnel detection
  2. Prompt Injection Protection - Detects missing prompt-guard skill
  3. Plaintext Secrets - Finds API keys, tokens in config files
  4. Skill Supply Chain - Scans for malicious patterns, exfiltration domains
  5. Privilege Configuration - Checks for root/admin execution
  6. Security Documentation - Validates SECURITY.md presence
  7. Code Obfuscation - Detects base64, eval(), exec() usage
  8. Credential Encryption - Validates encryption at rest
  9. Browser Control Exposure - RCE risk, JavaScript evaluation
  10. Filesystem Permissions - World-readable configs
  11. DM Pairing - Open DM policy, session isolation
  12. Group Mention Gating - Group chat attack surface
  13. Model Provider Privacy - Data retention warnings
  14. Tool Policy Enforcement - Unrestricted tools, elevated permissions
  15. Incident Response - Audit logging, log redaction
  16. MCP Server Security - Tool poisoning detection
  17. Advanced Features - Shell commands, config editing, debug mode, webhooks, sandbox, plugins, agent-to-agent messaging
  18. OpenClaw-Specific - Tailscale Funnel, insecure auth, context segregation

🏷️ Severity Tiers

Findings are organized into four tiers for prioritized remediation:

| Tier | Name | Description | Examples | |------|------|-------------|----------| | T1 | Critical Exposure | Immediate remote exploitation risk | No gateway auth, shell commands in chat, public Tailscale Funnel | | T2 | High Risk | Significant security gaps | No context segregation, debug commands enabled, no plugin allowlist | | T3 | Hardening | Defense-in-depth improvements | Sandbox read-write access, network-enabled containers, browser JS eval | | T4 | Best Practice | Operational maturity | Log redaction patterns, session isolation, elevated tool restrictions |

🛠️ Automated Fixes (25+ Remediation Actions)

  • Generate strong gateway tokens (64-char cryptographic)
  • Generate webhook authentication tokens
  • Disable dangerous chat commands (bash, config, debug, restart)
  • Disable agent-to-agent messaging
  • Set sandbox workspace to read-only
  • Isolate sandbox network (set to none)
  • Disable shell environment sourcing
  • Disable Tailscale Funnel (switch to serve mode)
  • Configure Tailscale zero-trust networking
  • Setup Cloudflare Tunnel (cloudflared)
  • Install prompt-guard skill
  • Enable context segregation
  • Generate security documentation (SECURITY.md)
  • Secure credentials (chmod 600 + ownership hardening)
  • Enable audit logging

📊 Output Formats

| Format | Flag | Use Case | |--------|------|----------| | Text | --format text | Terminal output (default) | | JSON | --format json | Programmatic consumption, CI/CD | | SARIF | --format sarif | GitHub Code Scanning integration | | HTML | --format html | Shareable reports with inline CSS |

🌍 Platform Support

  • Linux (Debian, Ubuntu, RHEL, CentOS)
  • macOS (Homebrew)
  • Windows (WSL)

Non-Root Support

17 out of 20 auto-fix actions work without root/sudo. When a fix fails due to permissions, SecureClaw shows a boxed copy-paste command:

[ERROR] Permission denied: Install Tailscale

  ┌─ Manual fix (copy & paste) ──────────────────────
  │ curl -fsSL https://tailscale.com/install.sh | sh && sudo tailscale up
  └─────────────────────────────────────────────────

Commands are platform-aware (Linux gets apt/curl, macOS gets brew). Config edits use node -e one-liners since Node.js is guaranteed present.

Usage Examples

Basic Audit

$ secureclaw audit ~/.openclaw

Output:

╔═══════════════════════════════════════════════════════════════╗
║   SecureClaw - Clawdbot Security Suite              v1.5.0  ║
╚═══════════════════════════════════════════════════════════════╝

[INFO] Running security audit...
[INFO] Target: /home/user/.openclaw

SecureClaw Security Scanner v1.5.0
Platform: linux

[1/18] Checking Control panel security...
[2/18] Checking Prompt injection protection...
...
[17/18] Checking Advanced features...
[18/18] Checking OpenClaw-specific security...

═══════════════════════════════════════════════════════
SECURITY ASSESSMENT COMPLETE
═══════════════════════════════════════════════════════

Findings:
  Critical: 5
  High:     14
  Medium:   9
  Low:      3

Risk Score: 141 (SEVERE)

Tier-Based Fix

# Fix only T1 (critical exposure) issues first
$ secureclaw fix --auto --tier T1

Tier filter: T1 (showing T1)
Fixable issues: 7/31

[SUCCESS] Gateway token updated (xjQMc1rL...)
[SUCCESS] Set gateway.tailscale.mode = "serve"
[SUCCESS] Webhook token generated (RUQQ4Y49...)
[SUCCESS] Set commands.bash = false

Fixed:   4
Failed:  3  (require sudo/system access)

Interactive Fix

$ secureclaw fix

Prompts for approval on each fix:

═══════════════════════════════════════════════════════
Finding 1/31
═══════════════════════════════════════════════════════
Severity: CRITICAL
Tier: T1
Title: Shell commands enabled in chat via ! prefix

[FIX] Setting commands.bash = false...
Apply this fix? [Y/n]: y

[SUCCESS] Set commands.bash = false

SARIF for GitHub Code Scanning

$ secureclaw audit --format sarif --output results.sarif
# Upload to GitHub via: gh api repos/OWNER/REPO/code-scanning/sarifs

Risk Scoring

SecureClaw assigns risk scores based on finding severity:

  • CRITICAL: 10 points each
  • HIGH: 5 points each
  • MEDIUM: 2 points each
  • LOW: 1 point each

Risk Levels:

  • 0-10: MINIMAL
  • 11-20: LOW
  • 21-30: MODERATE
  • 31-50: HIGH
  • 51+: SEVERE

Configuration

SecureClaw auto-detects OpenClaw and Clawdbot installations. When you provide a target path, it searches the target first, then falls back to the home directory:

Search order (first match wins):
  1. <target>/.openclaw/openclaw.json     ← Docker/container installs
  2. <target>/openclaw.json
  3. <target>/.clawdbot/clawdbot.json
  4. <target>/config.json
  5. <target>/clawdbot.json
  6. ~/.openclaw/openclaw.json             ← Home directory fallback
  7. ~/.clawdbot/clawdbot.json

When no target path is given, auto-detection checks:

  • ~/.openclaw
  • ~/.clawdbot
  • /opt/clawdbot
  • Common Node.js global module paths

Override with explicit path:

secureclaw audit /custom/path

Config File

Create .secureclawrc.json in your project root to set defaults:

{
  "format": "json",
  "severity": "medium",
  "tier": "T2",
  "ignore": ["no-security-md", "no-audit-log"],
  "output": "secureclaw-report.json"
}

Exit Codes

  • 0: Success, no critical issues
  • 1: Error during execution
  • 2: Critical security issues found (audit mode)

Requirements

  • Node.js: v18.0.0 or higher
  • Permissions: Some fixes require sudo/admin access
  • OpenClaw/Clawdbot: Compatible with OpenClaw 2026.x+ and Clawdbot 2024.x+

Security

Found a security issue in SecureClaw itself? Report it to: [email protected]

License

MIT License - see LICENSE file for details

Support

📧 Email: [email protected]

Changelog

See CHANGELOG.md for the full version history.

v1.5.0 (2026-02-01)

  • Config detection searches target path first, home directory as fallback
  • Scanner checks <target>/.openclaw/openclaw.json (Docker/container layouts)
  • Filesystem permissions and vault checks use detected config path
  • 88 tests

v1.4.0 (2026-02-01)

  • Platform-aware copy-paste manual fix commands in error output
  • Removed non-existent dependencies (clawdbot-keyutils, universal-vault.sh)
  • All external references verified against live registries
  • Credential protection via file permissions instead of fake vault tools
  • Non-root support: 17/20 fixes work without sudo

v1.3.0 (2026-01-31)

See CHANGELOG.md for full history.