ClawShield
Purpose
Audit a local OpenClaw install for security posture and common prompt-injection indicators. Produces a JSON report for review and alerting.
Workflow
- 1. Canvas present: Launch the panel server and present the UI.
- User config: Update
config.yaml (scan frequency, alerts, sensitivity). - Cron setup: Schedule
scripts/audit.sh at the chosen cadence. - Report/Alert: Review JSON output and alert if prompt-injection hits or unexpected open ports are found.
Usage
Panel (recommended)
node scripts/panel-server.js
Then present the UI:
- -
canvas.present → http://localhost:8133 (Scan / Settings / Logs)
Config (CLI)
�CODEBLOCK1
Audit (CLI)
�CODEBLOCK2
Notes
- - Local-only scans; no network calls outside localhost.
- Panel server is local and stores the last report at
logs/last-report.json. - INLINECODE5� defaults: Scan_freq=daily, alerts=telegram, sensitivity=high.
- Safe for routine security checks and “frenzy-proofing”.
Contact: Jeffrey Coleman | smallbizailab79@gmail.com | Custom audits/enterprise.
技能名称: clawshield
详细描述:
ClawShield
目的
审计本地OpenClaw安装的安全态势及常见提示注入指标。生成JSON报告以供审查和告警。
工作流程
- 1. 画布呈现:启动面板服务器并展示用户界面。
- 用户配置:更新config.yaml(扫描频率、告警、敏感度)。
- 定时任务设置:按所选频率调度scripts/audit.sh。
- 报告/告警:审查JSON输出,若发现提示注入命中或意外开放端口则触发告警。
使用方法
面板(推荐)
bash
node scripts/panel-server.js
然后展示用户界面:
- - canvas.present → http://localhost:8133(扫描/设置/日志)
配置(命令行)
bash
node scripts/config.js get
node scripts/config.js set Scan_freq daily alerts telegram sensitivity high
审计(命令行)
bash
bash scripts/audit.sh > report.json
备注
- - 仅限本地扫描;不进行localhost以外的网络调用。
- 面板服务器为本地运行,最新报告存储于logs/last-report.json。
- config.yaml默认值:Scan_freq=daily,alerts=telegram,sensitivity=high。
- 适用于常规安全检查及“防疯狂”防护。
联系方式:Jeffrey Coleman | smallbizailab79@gmail.com | 定制审计/企业服务
