secrets-hygiene
Secrets Hygiene
State file: ~/.openclaw/skill-state/secrets-hygiene/state.yaml
Credentials you forgot about are credentials that will leak.
When to Use
- On Monday 9am cron wakeup
- When adding or removing a skill that uses credentials
- After any suspected security incident
The Audit Process
Step 1: Inventory
List all secrets currently configured in OpenClaw (env vars, config files, keychain entries referenced by installed skills). For each, record: name, which skills access it, when it was last rotated (if known).
Step 2: Flag Stale Secrets
A secret is stale if:
More from archieindian/openclaw-superpowers
context-window-management
Prevents context overflow on long-running OpenClaw sessions. Use when approaching context limits.
28heartbeat-governor
Enforces per-skill execution budgets for scheduled cron skills — pauses runaway skills that exceed their token or wall-clock budget before they drain your monthly API allowance.
27using-superpowers
Bootstrap skill — teaches the agent how to find and invoke skills. Use when starting any new task or session.
23long-running-task-management
Breaks multi-hour tasks into checkpointed stages with resume capability. Use when a task is expected to take more than 30 minutes or multiple sessions.
22fact-check-before-trust
Triggers a secondary verification pass for any agent output containing factual claims, numbers, dates, or named entities before the output is acted on
21persistent-memory-hygiene
Keeps OpenClaw's memory store clean, structured, and useful. Use at session end and during periodic maintenance.
20