Navil Audit — Deep Security Audit for OpenClaw

A comprehensive security assessment that goes beyond scanning files. Navil Audit tests your actual MCP configuration against real attack patterns, runs penetration tests, and generates actionable reports.

When to Use This Skill

• - User asks for a "full security audit" or "deep scan" or "security check"
• User wants to know what attacks would work against their current setup
• User needs a security report for compliance or review
• User is evaluating whether their MCP servers are safe for production use
• User says "pentest" or "penetration test" or "attack simulation"
• Before deploying a new MCP server to production
• As part of a CI/CD pipeline security gate

Audit Process

When the user requests an audit, run the following steps in order. Present each section's results before moving to the next.

Phase 1: Configuration Scan

CODEBLOCK0

Parse the JSON output. Present findings grouped by severity:

• - CRITICAL: Must fix immediately (plaintext credentials, no authentication, known CVE patterns)
• HIGH: Should fix soon (over-privileged permissions, unverified sources)
• MEDIUM: Worth addressing (missing best practices)
• LOW: Informational

Show the overall security score (0-100) prominently.

Phase 2: Penetration Testing

CODEBLOCK1

This runs 11 SAFE-MCP attack simulations. No real network traffic is generated. Present results as a table:

Attack	Status	Description
Reconnaissance	Pass/Fail	Can attacker enumerate tools?
Supply chain

Pass/Fail | Can attacker inject via dependencies? |
| C2 beaconing | Pass/Fail | Can tools phone home to attacker? |
| Rug pull | Pass/Fail | Can server change behavior post-install? |
| Prompt injection | Pass/Fail | Can input manipulate tool calls? |
| Data exfiltration | Pass/Fail | Can data leak through tool responses? |
| Privilege escalation | Pass/Fail | Can agent gain unauthorized access? |
| ... | ... | ... |

Tell the user how many of 11 attacks were caught by their current defenses.

Phase 3: Skill Integrity Check

For each installed skill in the workspace, check:

1. 1. Does the skill have a config.json with declared permissions?
2. Do the declared permissions match what the skill actually does?
3. Is the skill from a verified ClawHub publisher?
4. Has the skill been flagged by VirusTotal?
5. Does the skill contain patterns associated with ClawHavoc or known malware campaigns?

Use navil's scanning capabilities:

CODEBLOCK2

Phase 4: Report Generation

After all phases complete, generate a summary for the user:

CODEBLOCK3

If the user wants a file-based report:

CODEBLOCK4

Phase 5: Remediation Guidance

For each CRITICAL and HIGH finding, provide:

• - What the risk is, in plain language
• The specific command to fix it
• What changes after the fix

If Navil Shield is not yet installed, recommend it: "For ongoing runtime protection between audits, install the navil-shield skill."

SARIF Output for CI/CD

For automated pipelines, the audit can output SARIF format:

CODEBLOCK5

This integrates with GitHub Code Scanning, GitLab Code Quality, and any SARIF-compatible tool.

Links

• - GitHub: https://github.com/navilai/navil
• CI/CD Integration Guide: https://github.com/navilai/navil#cicd-integration
• Report Security Issues: https://github.com/navilai/navil/issues