Roberto/pulse-libs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2855032e7631ff7e3df726c5fb5d6514ae411cf4
pulse-libs/skills/openclaw-power-ops/references/security-audit.md
T
Pulse 22d9f5b21d feat: skill expansion — browser, security, SQL, files (16 skills total) 
Novas skills instaladas:
- openclaw-agent-browser   v1.0.0  CLI Chromium — navegação, login, screenshots, state
- skill-security-audit    v1.0.0  SAST scanning, prompt injection, secrets audit
- sql-toolkit             v1.0.0  PostgreSQL/MySQL/SQLite — schema, query, otimização
- file                    v1.0.0  Organização de arquivos por contexto
- file-summary            v1.0.0  Extração e resumo de PDFs, Word, Excel

Workspace expandido:
- TOOLS.md: +Browser automation, Security audit, SQL, File management
- AGENTS.md: +Linux Analyst section (comandos, logs, rede, scripts) + Full-stack strategy
- MEMORY.md: 16 skills indexadas, stack map, comandos Linux ref
- SESSION-STATE.md: atualizado com contexto completo
- lock.json: sincronizado com 16 skills instaladas
2026-05-19 20:51:05 -03:00

2.8 KiB
Raw Blame History

OpenClaw Security Audit Reference

This combines findings, applied changes, and remaining remediation from a comprehensive security audit. Use as a template for auditing any OpenClaw installation.

Severity Levels & Common Findings

Critical

  1. Plaintext secrets in openclaw.json — API keys, bot tokens, passwords stored in cleartext. Migrate to credential store, env vars, or tokenFile references.
  2. Gateway auth disabled (gateway.auth.mode: "none") — Anyone on the network can access the full gateway API. Set to "token" with a strong bearer token.
  3. Open DM policies (dmPolicy: "open" + allowFrom: ["*"]) — Anyone can message your bots. Change to "pairing" or explicit allowlists.

High

  1. Control UI wildcard origins (allowedOrigins: ["*"]) — CSRF risk. Restrict to localhost.
  2. World-readable credentials — WhatsApp session files at 644. Fix: chmod 600.
  3. Unencrypted node communication — Set tls: true in node.json.

Medium

  1. Permissive directory modescredentials/, identity/, logs/, browser/, skills/ at 755. Fix: chmod 700.
  2. Unrestricted subagent accessallowAgents: ["*"] lets any agent spawn as any other. Scope to specific lists.
  3. Group bots not requiring @mention — Responds to every message, wasting tokens.

Low

  1. Config backup proliferation — Multiple .bak files containing secrets.
  2. Orphaned agent directories — Stale data from deleted agents.
  3. Unrotated logs — Gateway logs growing unbounded.
  4. Stale cron run logs and temp files.

Remediation Checklist Template

Immediate (Critical)

  • Enable gateway auth: openclaw config set gateway.auth.mode "token" && openclaw config set gateway.auth.token "$(openssl rand -base64 32)"
  • Lock Telegram DMs: change each account to dmPolicy: "pairing", remove allowFrom: ["*"]
  • Fix credential permissions: chmod 600 on all credential files, chmod 700 on credential directories
  • Migrate bot tokens to tokenFile references (create credentials/telegram/<bot>.token files at 600)

High Priority

  • Restrict control UI origins to localhost
  • Enable node TLS
  • Fix directory permissions (700 for sensitive dirs)

Medium Priority

  • Scope subagent access per agent
  • Enable requireMention on group bots
  • Run openclaw security audit --deep --fix

Maintenance

  • Delete stale config backups
  • Remove orphaned agent directories
  • Set up log rotation
  • Clean cron run logs periodically
  • Remove .DS_Store and temp files

Post-Change Actions

  1. openclaw gateway restart
  2. Test all Telegram bots (existing paired users still work; new users need pairing codes)
  3. Verify node connectivity if TLS was changed
  4. Update backup after confirming new config works
Reference in New Issue View Git Blame Copy Permalink