OpenClaw Skill v0.2.6

Openclaw Sec

by PaoloRollo

AI Agent Security Suite - Real-time protection against prompt injection, command injection, SSRF, path traversal, secrets exposure, and content policy violations

How to use this skill

OpenClaw skills run inside an OpenClaw container. EasyClawd deploys and manages yours — no server setup needed.

  1. Sign up on EasyClawd (2 minutes)
  2. Connect your Telegram bot
  3. Install Openclaw Sec from the skills panel

10 stars · 4,104 downloads · 11 installs · 0 comments · 8 versions

Latest Changelog

openclaw-sec 0.2.6

- Added new detection modules: code execution, exfiltration, injection validator, and serialization detection.
- Introduced corresponding runtime validation patterns for code execution, exfiltration, SQL injection, template injection, general injection, and serialization attacks.
- Significantly expanded test coverage for all new modules and patterns.
- Updated core security engine and type definitions to support new modules.
- Enhanced the modular structure to accommodate more security pattern categories.

Tags

latest: 0.2.6

Skill Documentation

---
name: openclaw-sec
description: AI Agent Security Suite - Real-time protection against prompt injection, command injection, SSRF, path traversal, secrets exposure, and content policy violations
version: 1.0.2
author: OpenClaw Security Team
metadata:
  category: security
  tags:
    - security
    - validation
    - ai-safety
    - prompt-injection
    - command-injection
    - ssrf
    - secrets-detection
  performance: 20-50ms validation time
  modules: 6 detection modules
  patterns: 168 patterns across 16 categories
---

# OpenClaw Security Suite

**Comprehensive AI Agent Protection** - Real-time security validation with 6 parallel detection modules, intelligent severity scoring, and automated action enforcement.

## Overview

OpenClaw Security Suite protects AI agent systems from security threats through:

- ✅ **6 Parallel Detection Modules** - Comprehensive threat coverage
- ⚡ **Sub-50ms Validation** - Real-time with async database writes
- 🎯 **Smart Severity Scoring** - Context-aware risk assessment
- 🔧 **Automated Actions** - Block, warn, or log based on severity
- 📊 **Analytics & Reputation** - Track patterns and user behavior
- 🪝 **Auto-Hooks** - Transparent protection via hooks

## Architecture

```
┌─────────────────────────────────────────────────────────────┐
│                    User Input / Tool Call                    │
└──────────────────────────┬──────────────────────────────────┘
                           │
                           ▼
         ┌─────────────────────────────────┐
         │      Security Engine (Main)      │
         │    • Orchestrates all modules    │
         │    • Aggregates findings         │
         │    • Determines actions          │
         └────────────┬────────────────────┘
                      │
        ┌─────────────┴──────────────┐
        │   Parallel Detection (6)    │
        └─────────────┬───────────────┘
                      │
    ┌─────┬─────┬────┴────┬─────┬─────┐
    ▼     ▼     ▼         ▼     ▼     ▼
  Prompt Command URL    Path Secret Content
  Inject Inject  Valid  Valid Detect Scanner
    ↓     ↓      ↓      ↓     ↓      ↓
    └─────┴──────┴──────┴─────┴──────┘
                      │
                      ▼
         ┌────────────────────────┐
         │   Severity Scorer       │
         │ • Calculates risk level │
         │ • Weights by module     │
         └────────┬───────────────┘
                  │
                  ▼
         ┌────────────────────────┐
         │    Action Engine        │
         │ • Rate limiting         │
         │ • Reputation scoring    │
         │ • Action determination  │
         └────────┬───────────────┘
                  │
        ┌─────────┴─────────┐
        ▼                   ▼
   ┌─────────┐       ┌──────────────┐
   │ Return  │       │ Async Queue  │
   │ Result  │       │ • DB writes  │
   │ ~20-50ms│       │ • Logging    │
   └─────────┘       │ • Notify     │
                     └──────────────┘
```
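
The diagram above describes the pipeline but not how findings from several modules become one severity and one action. The following is an added example in plain Node.js JavaScript, not code from openclaw-sec itself: two small detection modules (prompt-injection heuristics and a one-rule loopback-URL check), a scorer that weights by module and escalates when independent modules agree, and an action engine with a per-user rate limit and trust score. The regexes, weights, thresholds and trust-score arithmetic are assumptions chosen for illustration; the real skill's values are not published on this page.

```javascript
// Added example (not openclaw-sec's own code): a miniature version of the
// engine -> modules -> severity scorer -> action engine pipeline in the diagram.
// Rule regexes, module weights, thresholds and the trust-score arithmetic are
// assumptions chosen for illustration.

const SEVERITY_RANK = { NONE: 0, LOW: 1, MEDIUM: 2, HIGH: 3, CRITICAL: 4 };
const SEVERITY_ACTION = { NONE: 'allow', LOW: 'log', MEDIUM: 'warn', HIGH: 'block', CRITICAL: 'block' };

// Detection module 1: prompt-injection heuristics. A module is a function from
// input text to a list of findings tagged with the module's name.
const PROMPT_INJECTION_RULES = [
  { id: 'instruction_override', severity: 'MEDIUM', description: 'Attempt to override system instructions',
    re: /\b(?:ignore|disregard|forget)\b[^.\n]{0,40}\b(?:previous|prior|above|all)\b[^.\n]{0,20}\binstructions?\b/i },
  { id: 'role_hijack', severity: 'MEDIUM', description: 'Attempt to reassign the assistant role',
    re: /\b(?:you are now|act as|pretend to be)\b[^.\n]{0,40}\b(?:admin|root|developer|unrestricted)\b/i },
  { id: 'system_prompt_leak', severity: 'LOW', description: 'Request to disclose the system prompt',
    re: /\b(?:reveal|print|show|repeat)\b[^.\n]{0,30}\b(?:system prompt|hidden instructions|initial prompt)\b/i },
];
function promptInjectionModule(input) {
  return PROMPT_INJECTION_RULES.filter((r) => r.re.test(input)).map((r) => ({
    module: 'prompt_injection', id: r.id, severity: r.severity, description: r.description }));
}

// Detection module 2: a one-rule URL check, kept tiny so the scorer below has
// two independent signals to combine.
function loopbackUrlModule(input) {
  return /https?:\/\/(?:localhost|127\.0\.0\.1|\[::1\])(?::\d+)?(?=[/\s]|$)/i.test(input)
    ? [{ module: 'url_validator', id: 'ssrf_loopback', severity: 'HIGH', description: 'Loopback address detected' }]
    : [];
}

// The real engine runs its modules concurrently; these are in-memory regexes,
// so a plain flatMap is equivalent here.
const MODULES = [promptInjectionModule, loopbackUrlModule];

// Module weights let a HIGH from a precise module count for more than a HIGH
// from a noisier heuristic module. Tune against your own false-positive data.
const MODULE_WEIGHT = { prompt_injection: 0.9, url_validator: 1.0 };

function scoreSeverity(findings) {
  if (findings.length === 0) return 'NONE';
  // Weighted maximum: the worst single finding dominates, scaled by module trust.
  const weighted = Math.max(...findings.map((f) => SEVERITY_RANK[f.severity] * (MODULE_WEIGHT[f.module] ?? 1)));
  // Escalate one step when two or more independent modules fire: several weak
  // signals together are stronger evidence than any one of them.
  const modulesHit = new Set(findings.map((f) => f.module)).size;
  const rank = Math.min(4, Math.round(weighted) + (modulesHit >= 2 ? 1 : 0));
  return Object.keys(SEVERITY_RANK).find((k) => SEVERITY_RANK[k] === rank);
}

// Per-user state the action engine consults: a fixed window of recent blocks
// and a trust score in [0, 100], like the "Trust Score" the reputation command prints.
function createUserState() {
  return { trustScore: 100, totalRequests: 0, blockedAttempts: 0,
           windowStart: 0, blocksInWindow: 0, allowlisted: false, blocklisted: false };
}
const RATE_LIMIT = { windowMs: 60000, maxBlocksPerWindow: 3 };

function decideAction(severity, user, now) {
  user.totalRequests += 1;
  if (now - user.windowStart > RATE_LIMIT.windowMs) { user.windowStart = now; user.blocksInWindow = 0; }
  let action = SEVERITY_ACTION[severity];
  if (user.blocklisted) action = 'block';
  else if (!user.allowlisted) {
    if (action === 'warn' && user.trustScore < 50) action = 'block';        // low trust: no warnings, only blocks
    if (user.blocksInWindow >= RATE_LIMIT.maxBlocksPerWindow) action = 'block'; // too many blocks: cut off for the window
  }
  if (action === 'block') {
    user.blockedAttempts += 1;
    user.blocksInWindow += 1;
    user.trustScore = Math.max(0, user.trustScore - 10);
  } else if (severity === 'NONE') {
    user.trustScore = Math.min(100, user.trustScore + 0.1); // slow recovery on clean traffic
  }
  return action;
}

// Stands in for the async DB/log/notify queue: the caller gets its result
// before anything here is consumed.
const auditQueue = [];

function validate(input, user, now = Date.now()) {
  const findings = MODULES.flatMap((mod) => mod(input));
  const severity = scoreSeverity(findings);
  const action = decideAction(severity, user, now);
  auditQueue.push({ at: now, severity, action, findings: findings.length });
  return { severity, action, findings };
}
```

With these numbers a lone MEDIUM prompt-injection hit is a `warn`, while the same hit combined with a loopback URL from the second module escalates to `block`; the rate limit then blocks every further request from that user for the rest of the window, whatever the new input scores.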

## Commands

All commands are available via the `/openclaw-sec` skill or `openclaw-sec` CLI.

### Validation Commands

#### `/openclaw-sec validate-command <command>`

Validate a shell command for injection attempts.

```bash
openclaw-sec validate-command "ls -la"
openclaw-sec validate-command "rm -rf / && malicious"
```

**Options:**
- `-u, --user-id <id>` - User ID for tracking
- `-s, --session-id <id>` - Session ID for tracking

**Example Output:**
```
Validating command: rm -rf /

Severity: HIGH
Action: block
Findings: 2

Detections:
  1. command_injection - Dangerous command pattern detected
     Matched: rm -rf /

Recommendations:
  • Validate and sanitize any system commands
  • Use parameterized commands instead of string concatenation
```
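
To show what such a validator has to get right, here is an added example in Node.js JavaScript that is not openclaw-sec's own code. It checks content rules (dangerous commands) against the raw string, because quoting does not stop text from being executed later by `bash -c`, `eval` or a here-doc, and checks structural rules (chaining, command substitution) against the string with quoted text removed, because an operator inside quotes is data rather than syntax. The rule ids, regexes, severities and the severity-to-action map are assumptions; the skill's real pattern catalogue is not reproduced on this page.

```javascript
// Added example (not openclaw-sec's own code): a quote-aware validator for shell
// command strings. Rule ids, regexes, severities and the severity-to-action map
// are assumptions for illustration.

const RANK = { NONE: 0, LOW: 1, MEDIUM: 2, HIGH: 3, CRITICAL: 4 };
const ACTION = { NONE: 'allow', LOW: 'log', MEDIUM: 'warn', HIGH: 'block', CRITICAL: 'block' };

// Content rules run against the RAW string: quoting does not exonerate text,
// because a nested shell, eval or here-doc can still execute it later.
const DANGEROUS = [
  { id: 'command_injection', severity: 'HIGH', description: 'Dangerous command pattern detected',
    re: /\brm\s+(?:-\w+\s+)*-\w*[rR]\w*\s+(?:-\w+\s+)*(?:\/\*?|~)(?=[\s'";&|)]|$)/ },
  { id: 'pipe_to_shell', severity: 'HIGH', description: 'Remote content piped into a shell',
    re: /\b(?:curl|wget)\b[^|;&\n]*\|\s*(?:sudo\s+)?(?:ba|z|da|k)?sh\b/ },
  { id: 'reverse_shell', severity: 'CRITICAL', description: 'Reverse-shell primitive',
    re: /\/dev\/tcp\/|\bnc\b[^|;&\n]*\s-e\s/ },
  { id: 'fork_bomb', severity: 'CRITICAL', description: 'Fork bomb',
    re: /:\(\)\s*\{\s*:\s*\|\s*:\s*&\s*\}\s*;\s*:/ },
  { id: 'raw_device_write', severity: 'CRITICAL', description: 'Write to a raw block device',
    re: /\bdd\b[^|;&\n]*\bof=\/dev\/(?:sd|nvme|hd|disk|mmcblk)/ },
  { id: 'sensitive_file_read', severity: 'HIGH', description: 'Read of a credential-bearing file',
    re: /\b(?:cat|less|more|head|tail|strings|xxd)\b[^|;&\n]*\/(?:etc\/shadow|proc\/self\/environ|root\/\.ssh|home\/[^\s/]+\/\.ssh)/ },
  { id: 'nested_shell', severity: 'MEDIUM', description: 'Nested shell re-parses a quoted string as code',
    re: /\b(?:ba|z|da|k)?sh\s+-c\s/ },
];

// Structural rules run against the string with quoted text and escaped
// characters removed: an operator inside quotes is data, not syntax.
const STRUCTURAL = [
  { id: 'command_chaining', severity: 'LOW', description: 'Several commands chained in one string', re: /;|&&|\|\||\n/ },
  { id: 'command_substitution', severity: 'MEDIUM', description: 'Command substitution runs an embedded command', re: /\$\(|`/ },
];

function stripQuoted(cmd) {
  let out = '', quote = null;
  for (let i = 0; i < cmd.length; i++) {
    const c = cmd[i];
    if (quote) { if (c === quote) quote = null; continue; } // drop quoted text
    if (c === '\\') { i++; continue; }                        // drop the escaped character
    if (c === '"' || c === "'") { quote = c; continue; }
    out += c;
  }
  return out;
}

function validateCommand(cmd) {
  const findings = [];
  for (const rule of DANGEROUS) {
    const m = rule.re.exec(cmd);
    if (m) findings.push({ id: rule.id, severity: rule.severity, description: rule.description, matched: m[0].trim() });
  }
  const bare = stripQuoted(cmd);
  for (const rule of STRUCTURAL) {
    const m = rule.re.exec(bare);
    if (m) findings.push({ id: rule.id, severity: rule.severity, description: rule.description, matched: m[0] });
  }
  const severity = findings.reduce((worst, f) => (RANK[f.severity] > RANK[worst] ? f.severity : worst), 'NONE');
  return { severity, action: ACTION[severity], findings };
}
```

Pattern matching like this is a backstop, not the primary control: the robust fix is never to hand a user-influenced string to a shell at all, and instead to invoke the program with an argument array (for example `execFile(file, args)` rather than `exec(string)`), so there is no shell to interpret `&&`, `$(...)` or quotes in the first place.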

---

#### `/openclaw-sec check-url <url>`

Validate a URL for SSRF and security issues.

```bash
openclaw-sec check-url "https://example.com"
openclaw-sec check-url "http://169.254.169.254/metadata"
openclaw-sec check-url "file:///etc/passwd"
```

**Options:**
- `-u, --user-id <id>` - User ID
- `-s, --session-id <id>` - Session ID

**Detects:**
- Internal/private IP addresses (RFC 1918, link-local)
- Cloud metadata endpoints (AWS, Azure, GCP)
- Localhost and loopback addresses
- File protocol URIs
- Credential exposure in URLs
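
The detection list above only works if the host is canonicalised before the range checks, since `http://2130706433/`, `http://0x7f.0.0.1/` and `http://[::ffff:127.0.0.1]/` all reach 127.0.0.1. The following added example in Node.js JavaScript (not openclaw-sec's own code) does this with the WHATWG `URL` parser built into Node, then classifies the canonical host against the private, loopback, link-local and metadata ranges. The finding ids, severities and the default action map are assumptions for illustration.

```javascript
// Added example (not openclaw-sec's own code): classify a URL the way a
// check-url step would. The global URL class canonicalises the host first, so
// decimal, hex, octal and IPv4-mapped-IPv6 spellings of an internal address hit
// the same range checks as the dotted form. Ids and severities are assumptions.

const RANK = { NONE: 0, LOW: 1, MEDIUM: 2, HIGH: 3, CRITICAL: 4 };
const ACTION = { NONE: 'allow', LOW: 'log', MEDIUM: 'warn', HIGH: 'block', CRITICAL: 'block' };

// Well-known cloud metadata endpoints, spelled as URL.hostname reports them.
const METADATA_HOSTS = new Set([
  '169.254.169.254',          // AWS, Azure and GCP IMDS over IPv4
  'metadata.google.internal', // GCP
  '[fd00:ec2::254]',          // AWS IMDS over IPv6
]);

// Ranges an agent must never reach from a user-supplied URL.
const IPV4_RANGES = [
  ['0.0.0.0', 8, 'unspecified'], ['10.0.0.0', 8, 'private'], ['127.0.0.0', 8, 'loopback'],
  ['169.254.0.0', 16, 'link_local'], ['172.16.0.0', 12, 'private'], ['192.168.0.0', 16, 'private'],
];

function ipv4ToInt(host) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return null;
  const o = m.slice(1).map(Number);
  if (o.some((x) => x > 255)) return null;
  return ((o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]) >>> 0;
}

// Returns a range label, 'public', or null when the host is not an IPv4 literal.
function classifyIpv4(host) {
  const n = ipv4ToInt(host);
  if (n === null) return null;
  for (const [base, bits, label] of IPV4_RANGES) {
    const mask = (~0 << (32 - bits)) >>> 0;
    if (((n & mask) >>> 0) === ((ipv4ToInt(base) & mask) >>> 0)) return label;
  }
  return 'public';
}

// URL.hostname gives IPv6 literals in brackets, compressed, with an embedded
// IPv4 rewritten as hex groups (::ffff:127.0.0.1 becomes [::ffff:7f00:1]).
function classifyIpv6(bracketed) {
  const ip = bracketed.slice(1, -1).toLowerCase();
  if (ip === '::1') return 'loopback';
  if (ip === '::') return 'unspecified';
  if (ip.startsWith('::ffff:')) {                      // IPv4-mapped address
    const tail = ip.slice(7);
    if (tail.includes('.')) return classifyIpv4(tail);
    const [hi, lo] = tail.split(':').map((h) => parseInt(h, 16));
    if (Number.isNaN(hi) || Number.isNaN(lo)) return 'unknown';
    return classifyIpv4(`${hi >> 8}.${hi & 255}.${lo >> 8}.${lo & 255}`);
  }
  if (/^f[cd]/.test(ip)) return 'private';             // fc00::/7 unique local
  if (/^fe[89ab]/.test(ip)) return 'link_local';       // fe80::/10
  return 'public';
}

function checkUrl(raw) {
  const findings = [];
  let url;
  try { url = new URL(raw); } catch {
    return { severity: 'HIGH', action: 'block', host: null,
             findings: [{ id: 'unparseable_url', severity: 'HIGH', description: 'URL does not parse' }] };
  }
  if (url.protocol === 'file:') {
    findings.push({ id: 'file_scheme', severity: 'HIGH', description: 'file: URI reads the local filesystem' });
  } else if (url.protocol !== 'http:' && url.protocol !== 'https:') {
    findings.push({ id: 'unexpected_scheme', severity: 'MEDIUM', description: `Scheme ${url.protocol} is not http(s)` });
  }
  if (url.username || url.password) {
    findings.push({ id: 'credentials_in_url', severity: 'MEDIUM', description: 'Credentials embedded in URL' });
  }
  const host = url.hostname; // already canonical: 2130706433 and 0x7f.0.0.1 both read 127.0.0.1
  if (METADATA_HOSTS.has(host)) {
    findings.push({ id: 'cloud_metadata', severity: 'CRITICAL', description: 'Cloud metadata endpoint' });
  } else {
    const cls = host.startsWith('[') ? classifyIpv6(host)
      : host === 'localhost' || host.endsWith('.localhost') ? 'loopback'
      : classifyIpv4(host);
    if (cls === 'loopback' || cls === 'unspecified') {
      findings.push({ id: 'ssrf_loopback', severity: 'HIGH', description: `Loopback address (${host})` });
    } else if (cls === 'private' || cls === 'link_local') {
      findings.push({ id: 'ssrf_private_ip', severity: 'HIGH', description: 'Internal IP address detected' });
    }
    // cls === null means a DNS name: nothing can be decided from the string alone.
  }
  const severity = findings.reduce((w, f) => (RANK[f.severity] > RANK[w] ? f.severity : w), 'NONE');
  return { severity, action: ACTION[severity], host, findings };
}
```

A check on the URL string cannot see where a DNS name resolves, nor where a redirect leads, so a name such as `internal.corp` passes here. For actual requests, repeat the same classification on the resolved addresses immediately before connecting (and pin the connection to the checked address, since a rebinding name can resolve differently a moment later), and do not follow redirects automatically.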

---

#### `/openclaw-sec validate-path <path>`

Validate a file path for traversal attacks.

```bash
openclaw-sec validate-path "/tmp/safe-file.txt"
openclaw-sec validate-path "../../../etc/passwd"
openclaw-sec validate-path "/proc/self/environ"
```

**Options:**
- `-u, --user-id <id>` - User ID
- `-s, --session-id <id>` - Session ID

**Detects:**
- Directory traversal patterns (`../`, `..\\`)
- Absolute path to sensitive files (`/etc/passwd`, `/proc/*`)
- Null byte injection
- Unicode/encoding tricks
- Windows UNC paths
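
The order of operations matters for these checks: a path must be percent-decoded (repeatedly, to catch double encoding) before traversal sequences are looked for, and the decoded path must then be resolved against the permitted base directory, because `reports/../../secret.txt` contains a traversal that escapes while `reports/2024/../summary.txt` contains one that does not. The following is an added example in Node.js JavaScript, not openclaw-sec's own code; the decode and normalise steps are written out rather than delegated to `path.normalize` so each step is visible. The default base directory, the sensitive-location list and the severities are assumptions for illustration.

```javascript
// Added example (not openclaw-sec's own code): validate a file path against an
// allowed base directory. Default base, sensitive-location list and severities
// are assumptions for illustration.

const RANK = { NONE: 0, LOW: 1, MEDIUM: 2, HIGH: 3, CRITICAL: 4 };
const ACTION = { NONE: 'allow', LOW: 'log', MEDIUM: 'warn', HIGH: 'block', CRITICAL: 'block' };

// Locations no agent file operation should touch, wherever the base directory is.
const SENSITIVE = ['/etc/passwd', '/etc/shadow', '/etc/ssh/', '/root/', '/proc/', '/sys/', '/dev/', '/var/run/docker.sock'];

// Step 1: decode. Percent-encoding is undone repeatedly (bounded) so double
// encoding such as %252e%252e%252f is caught; invalid sequences such as the
// overlong UTF-8 %c0%ae are reported rather than silently passed through.
// Look-alike Unicode slashes are folded to '/'.
function decodePath(p) {
  let cur = p, malformed = false;
  for (let i = 0; i < 3; i++) {
    let next;
    try { next = decodeURIComponent(cur); } catch { malformed = true; break; }
    if (next === cur) break;
    cur = next;
  }
  return { value: cur.replace(/[\u2215\uff0f\u2044]/g, '/'), malformed };
}

// Step 2: normalise against the base directory: backslashes become slashes,
// '.' is dropped and '..' pops a segment (never above the root).
function normalise(p, base) {
  const unified = p.replace(/\\/g, '/');
  const absolute = unified.startsWith('/') ? unified : base.replace(/\/$/, '') + '/' + unified;
  const out = [];
  for (const seg of absolute.split('/')) {
    if (seg === '' || seg === '.') continue;
    if (seg === '..') { out.pop(); continue; }
    out.push(seg);
  }
  return '/' + out.join('/');
}

// Step 3: decide. Findings describe both the raw input and where it resolves.
function validatePath(input, base = '/srv/agent/workspace') {
  const findings = [];
  const { value: decoded, malformed } = decodePath(input);
  if (malformed) findings.push({ id: 'malformed_encoding', severity: 'MEDIUM', description: 'Invalid percent-encoding (possible overlong UTF-8 trick)' });
  if (decoded !== input) findings.push({ id: 'encoded_path', severity: 'LOW', description: 'Path contained encoded characters' });
  if (decoded.includes('\0')) findings.push({ id: 'null_byte', severity: 'HIGH', description: 'Null byte can truncate the path in C-backed APIs' });
  if (/^[\\\/]{2}[^\\\/]/.test(decoded)) findings.push({ id: 'unc_path', severity: 'HIGH', description: 'Windows UNC path reaches a remote share' });
  if (/(^|[\\\/])\.\.(?=[\\\/]|$)/.test(decoded)) findings.push({ id: 'traversal_sequence', severity: 'MEDIUM', description: 'Directory traversal sequence present' });
  const resolved = normalise(decoded, base);
  const root = normalise(base, '/');
  if (resolved !== root && !resolved.startsWith(root + '/')) {
    findings.push({ id: 'outside_base_dir', severity: 'HIGH', description: `Resolves to ${resolved}, outside ${root}` });
  }
  const hit = SENSITIVE.find((s) => (s.endsWith('/') ? resolved.startsWith(s) : resolved === s));
  if (hit) findings.push({ id: 'sensitive_path', severity: 'HIGH', description: `Sensitive location ${hit}` });
  const severity = findings.reduce((w, f) => (RANK[f.severity] > RANK[w] ? f.severity : w), 'NONE');
  return { severity, action: ACTION[severity], resolved, findings };
}
```

The base directory is the policy knob: with the default above, `/tmp/safe-file.txt` from the page's example is reported as outside the base and passes only when `/tmp` is the configured base. A `..` that stays inside the base is still reported (at MEDIUM), on the grounds that an agent has no reason to emit one.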

---

#### `/openclaw-sec scan-content <text|file>`

Scan content for secrets, obfuscation, and policy violations.

```bash
openclaw-sec scan-content "Normal text here"
openclaw-sec scan-content --file ./document.txt
openclaw-sec scan-content "API_KEY=sk-abc123def456"
```

**Options:**
- `-f, --file` - Treat argument as file path
- `-u, --user-id <id>` - User ID
- `-s, --session-id <id>` - Session ID

**Detects:**
- API keys and tokens (OpenAI, AWS, GitHub, etc.)
- Database credentials
- SSH private keys
- JWT tokens
- Base64/hex obfuscation
- Excessive special characters
- Policy violations
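
Format-specific regexes only catch key shapes someone thought to list, so a scanner of this kind usually pairs them with an entropy check for generic tokens, and it must redact what it finds so the report does not itself become a secrets leak. The following added example in Node.js JavaScript is not openclaw-sec's own code: the pattern list, the entropy threshold and the `SAMPLE` text are constructed for illustration (the AWS key in the sample is Amazon's published example key, not a live credential).

```javascript
// Added example (not openclaw-sec's own code): a secrets and obfuscation
// scanner. Format regexes catch well-known key shapes, a Shannon-entropy pass
// catches generic high-entropy tokens, and findings are redacted. Pattern list,
// threshold and SAMPLE are constructed for illustration.

const RANK = { NONE: 0, LOW: 1, MEDIUM: 2, HIGH: 3, CRITICAL: 4 };
const ACTION = { NONE: 'allow', LOW: 'log', MEDIUM: 'warn', HIGH: 'block', CRITICAL: 'block' };

const SECRET_PATTERNS = [
  { id: 'private_key', severity: 'CRITICAL',
    re: /-----BEGIN (?:RSA |EC |DSA |OPENSSH |PGP )?PRIVATE KEY(?: BLOCK)?-----/g },
  { id: 'aws_access_key_id', severity: 'HIGH', re: /\b(?:AKIA|ASIA)[0-9A-Z]{16}\b/g },
  { id: 'github_token', severity: 'HIGH', re: /\bgh[pousr]_[A-Za-z0-9]{36,}\b/g },
  { id: 'openai_api_key', severity: 'HIGH', re: /\bsk-(?:proj-)?[A-Za-z0-9_-]{10,}\b/g },
  { id: 'database_url', severity: 'HIGH',
    re: /\b(?:postgres(?:ql)?|mysql|mongodb(?:\+srv)?|redis):\/\/[^\s:@/]+:[^\s@/]+@[^\s/]+/g },
  { id: 'jwt', severity: 'MEDIUM', re: /\beyJ[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\b/g },
];

// Bits of entropy per character; English text sits near 4, random keys near the
// log2 of their alphabet size (6 for base64, 4 for hex).
function shannonEntropy(s) {
  const counts = new Map();
  for (const ch of s) counts.set(ch, (counts.get(ch) || 0) + 1);
  let h = 0;
  for (const c of counts.values()) { const p = c / s.length; h -= p * Math.log2(p); }
  return h;
}

// Keep enough of a match to triage the finding, never enough to reuse it.
function redact(s) {
  return s.length <= 8 ? '*'.repeat(s.length) : `${s.slice(0, 4)}...${s.slice(-4)}`;
}

const lineOf = (text, index) => text.slice(0, index).split('\n').length;

function scanContent(text) {
  const findings = [];
  let masked = text; // matched spans are blanked so the entropy pass does not re-report them
  for (const p of SECRET_PATTERNS) {
    for (const m of text.matchAll(p.re)) {
      findings.push({ id: p.id, severity: p.severity, line: lineOf(text, m.index), redacted: redact(m[0]) });
      masked = masked.slice(0, m.index) + ' '.repeat(m[0].length) + masked.slice(m.index + m[0].length);
    }
  }
  // Generic detector: long tokens from the base64/hex alphabet whose entropy is
  // well above natural language. Threshold 3.5 is a starting point, not a constant.
  for (const m of masked.matchAll(/[A-Za-z0-9+/_-]{20,}/g)) {
    if (shannonEntropy(m[0]) >= 3.5) {
      findings.push({ id: 'high_entropy_token', severity: 'LOW', line: lineOf(text, m.index), redacted: redact(m[0]) });
    }
  }
  findings.sort((a, b) => a.line - b.line);
  const severity = findings.reduce((w, f) => (RANK[f.severity] > RANK[w] ? f.severity : w), 'NONE');
  return { severity, action: ACTION[severity], findings };
}

// Constructed sample input (no real credentials; the AWS key is Amazon's documented example).
const SAMPLE = [
  'Normal text here',
  'AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE',
  'API_KEY=sk-abc123def456',
  'token: ghp_ExampleExampleExampleExampleExample1',
  'DATABASE_URL=postgres://app:hunter2@db.internal:5432/prod',
  '-----BEGIN OPENSSH PRIVATE KEY-----',
].join('\n');
```

Run over `SAMPLE`, the scanner reports one finding per line 2 to 6, each redacted to its first and last four characters, and the private-key header drives the overall result to `block`. The entropy pass is what catches a bare token such as a session id that matches none of the named formats.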

---

#### `/openclaw-sec check-all <text>`

Run comprehensive security scan with all modules.

```bash
openclaw-sec check-all "Your input text here"
```

**Options:**
- `-u, --user-id <id>` - User ID
- `-s, --session-id <id>` - Session ID

**Example Output:**
```
Running comprehensive security scan...
──────────────────────────────────────

📊 Scan Results
Severity: MEDIUM
Action: warn
Fingerprint: a1b2c3d4e5f6g7h8
Total Findings: 3

🔍 Detections by Module:

  prompt_injection (2 findings)
    1. instruction_override
       Severity: MEDIUM
       Description: Attempt to override system instructions

  url_validator (1 findings)
    1. ssrf_private_ip
       Severity: HIGH
       Description: Internal IP address detected
```

---

### Monitoring Commands

#### `/openclaw-sec events`

View recent security events.

```bash
openclaw-sec events
openclaw-sec events --limit 50
openclaw-sec events --user-id "[email protected]"
openclaw-sec events --severity HIGH
```

**Options:**
- `-l, --limit <number>` - Number of events (default: 20)
- `-u, --user-id <id>` - Filter by user
- `-s, --severity <level>` - Filter by severity

**Output:**
```
📋 Security Events

Timestamp            Severity   Action       User ID          Module
────────────────────────────────────────────────────────────────────
2026-02-01 10:30:22  HIGH       block        [email protected]   command_validator
2026-02-01 10:29:15  MEDIUM     warn         [email protected]     url_validator
2026-02-01 10:28:03  LOW        log          [email protected]  prompt_injection
```

---

#### `/openclaw-sec stats`

Show security statistics.

```bash
openclaw-sec stats
```

**Output:**
```
📊 Security Statistics

Database Tables:
  • security_events
  • rate_limits
  • user_reputation
  • attack_patterns
  • notifications_log
```

---

#### `/openclaw-sec analyze`

Analyze security patterns and trends.

```bash
openclaw-sec analyze
openclaw-sec analyze --user-id "[email protected]"
```

**Options:**
- `-u, --user-id <id>` - Analyze specific user

**Output:**
```
🔬 Security Analysis

User Reputation:
  Trust Score: 87.5
  Total Requests: 1,234
  Blocked Attempts: 5
  Allowlisted: No
  Blocklisted: No
```

---

#### `/openclaw-sec reputation <user-id>`

View user reputation and trust score.

```bash
openclaw-sec reputation "[email protected]"
```

**Output:**
```
👤 User Reputation

User ID: [email protected]
Trust Score: 92.3
Total Requests: 5,678
Blocked Attempts: 12
✓ Allowlisted
Last Violation: 2026-01-15 14:22:00
```

---

#### `/openclaw-sec watch`

Watch for security events in real-time (placeholder).

```bash
opencla
```

Read the full documentation, security scan, version history, and community comments on ClawHub.