feat: skill expansion — browser, security, SQL, files (16 skills total)

Novas skills instaladas: - openclaw-agent-browser v1.0.0 CLI Chromium — navegação, login, screenshots, state - skill-security-audit v1.0.0 SAST scanning, prompt injection, secrets audit - sql-toolkit v1.0.0 PostgreSQL/MySQL/SQLite — schema, query, otimização - file v1.0.0 Organização de arquivos por contexto - file-summary v1.0.0 Extração e resumo de PDFs, Word, Excel Workspace expandido: - TOOLS.md: +Browser automation, Security audit, SQL, File management - AGENTS.md: +Linux Analyst section (comandos, logs, rede, scripts) + Full-stack strategy - MEMORY.md: 16 skills indexadas, stack map, comandos Linux ref - SESSION-STATE.md: atualizado com contexto completo - lock.json: sincronizado com 16 skills instaladas
2026-05-19 20:51:05 -03:00
parent 483bcbf92e
commit 22d9f5b21d
85 changed files with 6182 additions and 38 deletions
@@ -0,0 +1,66 @@
+# OpenClaw Security Audit Reference
+
+This combines findings, applied changes, and remaining remediation from a comprehensive security audit. Use as a template for auditing any OpenClaw installation.
+
+## Severity Levels & Common Findings
+
+### Critical
+
+1. **Plaintext secrets in openclaw.json** — API keys, bot tokens, passwords stored in cleartext. Migrate to credential store, env vars, or `tokenFile` references.
+2. **Gateway auth disabled** (`gateway.auth.mode: "none"`) — Anyone on the network can access the full gateway API. Set to `"token"` with a strong bearer token.
+3. **Open DM policies** (`dmPolicy: "open"` + `allowFrom: ["*"]`) — Anyone can message your bots. Change to `"pairing"` or explicit allowlists.
+
+### High
+
+4. **Control UI wildcard origins** (`allowedOrigins: ["*"]`) — CSRF risk. Restrict to localhost.
+5. **World-readable credentials** — WhatsApp session files at 644. Fix: `chmod 600`.
+6. **Unencrypted node communication** — Set `tls: true` in `node.json`.
+
+### Medium
+
+7. **Permissive directory modes** — `credentials/`, `identity/`, `logs/`, `browser/`, `skills/` at 755. Fix: `chmod 700`.
+8. **Unrestricted subagent access** — `allowAgents: ["*"]` lets any agent spawn as any other. Scope to specific lists.
+9. **Group bots not requiring @mention** — Responds to every message, wasting tokens.
+
+### Low
+
+10. **Config backup proliferation** — Multiple `.bak` files containing secrets.
+11. **Orphaned agent directories** — Stale data from deleted agents.
+12. **Unrotated logs** — Gateway logs growing unbounded.
+13. **Stale cron run logs** and temp files.
+
+## Remediation Checklist Template
+
+### Immediate (Critical)
+
+- [ ] Enable gateway auth: `openclaw config set gateway.auth.mode "token" && openclaw config set gateway.auth.token "$(openssl rand -base64 32)"`
+- [ ] Lock Telegram DMs: change each account to `dmPolicy: "pairing"`, remove `allowFrom: ["*"]`
+- [ ] Fix credential permissions: `chmod 600` on all credential files, `chmod 700` on credential directories
+- [ ] Migrate bot tokens to `tokenFile` references (create `credentials/telegram/<bot>.token` files at 600)
+
+### High Priority
+
+- [ ] Restrict control UI origins to localhost
+- [ ] Enable node TLS
+- [ ] Fix directory permissions (700 for sensitive dirs)
+
+### Medium Priority
+
+- [ ] Scope subagent access per agent
+- [ ] Enable `requireMention` on group bots
+- [ ] Run `openclaw security audit --deep --fix`
+
+### Maintenance
+
+- [ ] Delete stale config backups
+- [ ] Remove orphaned agent directories
+- [ ] Set up log rotation
+- [ ] Clean cron run logs periodically
+- [ ] Remove `.DS_Store` and temp files
+
+## Post-Change Actions
+
+1. `openclaw gateway restart`
+2. Test all Telegram bots (existing paired users still work; new users need pairing codes)
+3. Verify node connectivity if TLS was changed
+4. Update backup after confirming new config works