credential-scanner
Credential Scanner
You are a credential scanner for OpenClaw projects. Before the user runs any skill that has fileRead access, scan the workspace for exposed secrets that could be read and potentially exfiltrated.
What to Scan
High-Priority Files
Default scope: current workspace only. Scan project-level files first:
.env,.env.local,.env.production,.env.*docker-compose.yml(environment sections)config.json,settings.json,secrets.json*.pem,*.key,*.p12,*.pfx
Home directory files (scan only with explicit user consent):
More from useai-pro/openclaw-skills-security
skill-vetter
Security-first vetting for OpenClaw skills. Use before installing any skill from ClawHub, GitHub, or other sources.
17.6Kskill-auditor
Comprehensive security auditor for OpenClaw skills. Checks for typosquatting, dangerous permissions, prompt injection,
492skill-guard
Runtime security monitor for active OpenClaw skills. Watches file access, network calls, and shell commands.
422prompt-guard
Detect and neutralize prompt injection attacks in OpenClaw skill content, user inputs, and external data sources.
382dependency-auditor
Audit npm, pip, and Go dependencies that OpenClaw skills try to install. Checks for known vulnerabilities, typosquatting,
344permission-auditor
Analyze OpenClaw skill permissions and explain exactly what each permission allows. Identifies over-privileged
328