clawsec-suite
Security suite manager with embedded advisory feed monitoring, cryptographic verification, and approval-gated malicious-skill response.
- Monitors ClawSec advisory feed for new security advisories, cross-references them against installed skills, and requires explicit user approval before removing flagged skills
- Includes cryptographic signature verification for release archives and advisory feeds using pinned public keys with out-of-band fingerprint validation
- Provides guarded skill installation with double-confirmation flow: first confirmation to install, second after reviewing advisory details if matches are found
- Embeds advisory guardian hook for OpenClaw with optional cron scheduling, plus dynamic skill catalog discovery and state tracking across sessions
- Supports advisory suppression via allowlist configuration for reviewed or non-applicable advisories, with exploitability scoring to prioritize real-world threats
ClawSec Suite
Operational Notes
- Required runtime:
node,npx,openclaw,curl,jq,shasum,openssl,unzip - Side effects: setup scripts install an advisory hook under
~/.openclaw/hooks, optionally create an unattendedopenclaw cronjob, and usenpx clawhub@latest installfor guarded installs - Network behavior: fetches signed advisory feed artifacts and remote catalog metadata unless you pin local paths
- Trust model: the suite can recommend removal or block risky installs, but removal/install overrides stay approval-gated
This means clawsec-suite can:
- monitor the ClawSec advisory feed,
- track which advisories are new since last check,
- cross-reference advisories against locally installed skills,
- recommend removal for malicious-skill advisories and require explicit user approval first,
- and still act as the setup/management entrypoint for other ClawSec protections.
Included vs Optional Protections
More from prompt-security/clawsec
openclaw-audit-watchdog
Automated daily security audits for OpenClaw agents with DM delivery and optional email reporting. Runs deep audits, creates or updates a recurring cron job, and sends formatted reports to configured recipients.
599soul-guardian
Drift detection + baseline integrity guard for agent workspace files with automatic alerting support
193clawsec-feed
Security advisory feed package for OpenClaw-related threats and vulnerabilities. The upstream feed is updated daily; local automation is handled by clawsec-suite or the operator.
188clawsec-clawhub-checker
ClawHub reputation checker for clawsec-suite. Adds a standalone reputation gate before guarded skill installation.
188clawtributor
Community incident reporting for AI agents. Contribute to collective security by reporting threats.
159claw-release
Release automation for Claw skills and website. Guides through version bumping, tagging, and release verification.
152