Harden OpenClaw (workspace + ~/.openclaw): run openclaw security audit, catch prompt-injection/exfil risks, scan for secrets, and apply safe fixes (chmod/exec-bit cleanup). Includes optional config.patch planning to reduce attack surface.
数据来源:ClawHub。 在 ClawSkills 查看
选择你使用的 Agent
方法一:命令行安装(推荐)
推荐(无需提前安装 clawhub)
npx clawhub@latest --dir ~/.claude/skills install openclaw-hardener或使用 clawhub CLI(需提前安装)
clawhub --dir ~/.claude/skills install openclaw-hardener⚠️ 需要 Node.js 18+,没有 Node?请使用下方方法二直接下载 ZIP。 安装 Node.js →
方法二:手动下载安装(无需 Node)
下载 ZIP,解压后将文件夹放到以下路径,重启 Agent 即可:
安装路径
~/.claude/skills/openclaw-hardener/💡解压后将文件夹放到上方路径,重启 Agent 即可生效
--- name: openclaw-hardener description: "Harden OpenClaw (workspace + ~/.openclaw): run openclaw security audit, catch prompt-injection/exfil risks, scan for secrets, and apply safe fixes (chmod/exec-bit cleanup). Includes optional config.patch planning to reduce attack surface." ---
This skill provides a user-choice hardening tool that can:
openclaw security audit --deep / --fix)..env, unsafe serialization patterns, etc.).config.patch plan to tighten runtime policy.Script:
skills_live/openclaw-hardener/scripts/hardener.pyExamples:
# Read-only checks (recommended default)
python3 skills_live/openclaw-hardener/scripts/hardener.py check --all
# Only run OpenClaw built-in audit (deep)
python3 skills_live/openclaw-hardener/scripts/hardener.py check --openclaw
# Only run workspace checks
python3 skills_live/openclaw-hardener/scripts/hardener.py check --workspace
# Apply safe fixes (chmod/exec-bit cleanup + optionally openclaw audit --fix)
python3 skills_live/openclaw-hardener/scripts/hardener.py fix --all
# Generate a config.patch plan (prints JSON5 patch)
python3 skills_live/openclaw-hardener/scripts/hardener.py plan-config
# Apply the plan (requires a running gateway; uses `openclaw gateway call`)
python3 skills_live/openclaw-hardener/scripts/hardener.py apply-configfix or apply-config.openclaw security audit --deep (and --fix in fix mode).~/.openclaw (basic checks)..env files (warn) and tracked .env (fail).Generates a conservative config.patch template focusing on:
(Exact keys depend on your config; the plan is best-effort and should be reviewed.)
安装 OpenClaw Hardener 后,可以对 AI 说这些话来触发它
Help me get started with OpenClaw Hardener
Explains what OpenClaw Hardener does, walks through the setup, and runs a quick demo based on your current project
Use OpenClaw Hardener to harden OpenClaw (workspace + ~/
Invokes OpenClaw Hardener with the right parameters and returns the result directly in the conversation
What can I do with OpenClaw Hardener in my ai agent & automation workflow?
Lists the top use cases for OpenClaw Hardener, with example commands for each scenario
将技能文件夹放到 ~/.claude/skills/openclaw-hardener/ 目录(个人级,所有项目可用),或 .claude/skills/openclaw-hardener/(项目级)。重启 AI 客户端后,用 /openclaw-hardener 主动调用,或让 AI 根据上下文自动发现并使用。
OpenClaw Hardener 支持 Claude、Cursor、OpenClaw,可与这些 AI 平台无缝集成,扩展其能力。
OpenClaw Hardener 可免费安装使用。请查阅仓库了解许可证信息。
Harden OpenClaw (workspace + ~/.openclaw): run openclaw security audit, catch prompt-injection/exfil risks, scan for secrets, and apply safe fixes (chmod/exec-bit cleanup). Includes optional config.patch planning to reduce attack surface.
OpenClaw Hardener 属于「AI Agent & Automation」分类,该分类的技能帮助 AI 智能体在此领域执行专业任务。
Automate my ai agent & automation tasks using OpenClaw Hardener
Identifies repetitive steps in your workflow and sets up OpenClaw Hardener to handle them automatically