openclaw-deployment-hardening
Installation
SKILL.md
OpenClaw Deployment Hardening
Use this skill to add repeatable security gates around OpenClaw build and deployment workflows.
Enforce a Secure Build Pipeline
Add mandatory controls to CI before artifacts are promoted:
- Dependency and lockfile vulnerability scan (fail on critical CVEs).
- Image scan for OS/package vulnerabilities.
- Secret scanning across source and build context.
- SBOM generation and artifact signing.
- Policy check that blocks deploy when controls fail.
Example CI step order: