安全巡检
clawvitals
by bk-cm
Security health check and recurring posture tracking for OpenClaw. Finds real misconfigurations across authentication, version currency, and platform config. Tracks whether your security posture improves or regresses over time. Alerts on new critical findings. Run "run clawvitals" to get your first score in under 30 seconds.
安装
claude skill add --url github.com/openclaw/skills/tree/main/skills/bk-cm/clawvitals文档
ClawVitals
Security health check and recurring assessment for self-hosted OpenClaw installations.
Install
clawhub install clawvitals
Or via OpenClaw directly:
openclaw skills install clawvitals
What it does
ClawVitals runs your first security scan in under 30 seconds. It checks your OpenClaw installation against a library of security controls, scores it with a RAG band (🟢 Green / 🟡 Amber / 🔴 Red), and tells you exactly what to fix.
On subsequent scans it detects regressions — new critical findings trigger an alert. Clean scans are silent.
What it checks (v0.1 — 6 scored controls)
| Control | Severity | What it checks |
|---|---|---|
| NC-OC-003 | High | No ineffective deny command entries |
| NC-OC-004 | Critical | No open (unauthenticated) groups |
| NC-OC-008 | Medium | All configured channels healthy |
| NC-AUTH-001 | High | Reverse proxy trust correctly configured |
| NC-VERS-001 | Medium | OpenClaw not behind latest release |
| NC-VERS-002 | Medium | OpenClaw not more than 2 versions behind |
Plus 8 experimental controls (reported separately, not scored).
Full control docs: clawvitals.io/docs
Usage
run clawvitals → run a manual scan
show clawvitals details → full report with remediation steps
clawvitals history → last 10 scan summaries
clawvitals schedule daily → set up recurring daily scans (8am)
clawvitals schedule weekly → weekly (Monday 8am)
clawvitals schedule off → manual only
clawvitals status → show current config + last scan
clawvitals telemetry on → enable anonymous posture tracking dashboard
clawvitals config host_name "my-server" → set a friendly name for this install
How scoring works
- Starts at 100, deductions for each failing control (Critical: -25, High: -10, Medium: -5)
- 🟢 Green: 90–100 (no urgent action)
- 🟡 Amber: 70–89 (review recommended)
- 🔴 Red: 0–69 (immediate action required)
Recurring scans
On first run, ClawVitals prompts you to set up a schedule. Scheduled scans are silent — you only get a message if a new critical or high finding appears since the last scan.
Optional: track your posture over time
Enable anonymous telemetry to see your score history at clawvitals.io/dashboard — free, no account required for basic view. No findings, file paths, hostnames, or secrets are ever shared.
clawvitals telemetry on
By Anguarda
ClawVitals is built and maintained by Anguarda — AI agent trust infrastructure.
- GitHub: github.com/ANGUARDA/Portfolio
- Docs: clawvitals.io/docs
- Control library: clawvitals.io/docs/controls
相关 Skills
安全专家
by alirezarezvani
覆盖威胁建模、漏洞评估、安全架构设计、代码审计与渗透测试,内置 STRIDE、OWASP、加密模式和安全扫描流程,适合系统设计评审与上线前安全排查。
✎ 安全专家把威胁建模、漏洞分析到渗透测试串成一套流程,内置 STRIDE 与 OWASP 指南,做安全设计和排查更省心。
安全运营
by alirezarezvani
覆盖应用安全、漏洞管理与合规审计,支持代码/依赖扫描、CVE 评估、Secrets 检测和安全自动化,适合做安全基线落地、漏洞响应、审计检查与安全开发治理。
✎ 应用安全、漏洞管理和合规检查一套打通,还能自动化扫描与响应,帮团队更早发现并收敛风险。
安全审计
by alirezarezvani
安装前审计 Claude Code Skill 的代码执行、Prompt 注入和依赖供应链风险,支持本地目录或 Git 仓库扫描,输出 PASS/WARN/FAIL 结论及修复建议
✎ 把代码审查、漏洞扫描和合规检查串成一条线,帮团队更早发现风险,做安全治理更省心。
相关 MCP 服务
by Sentry
搜索和分析 Sentry 错误报告,辅助调试。
✎ 把零散的 Sentry 错误报告变成可检索线索,帮你在海量报错里更快定位线上故障,排障调试明显省时。
by sinewaveai
为 AI agents 提供安全层:拦截 prompt injection、识别伪造 packages,并扫描漏洞风险。
✎ 给 AI Agent 补上关键安全层,能拦截 prompt 注入、识别伪造包并扫描漏洞风险,把防护前置更省心。
by pantheon-security
强化安全性的 NotebookLM MCP,集成 post-quantum encryption,提升数据防护能力。