ClawSec
Security Security & OperationsInstall Command
npx clawhub@latest install clawsec
Installation Guide
Make sure Node.js 22+ and OpenClaw are installed. Run openclaw --version in your terminal to verify.
Run the install command above in your terminal. ClawHub will automatically download and install ClawSec to the ~/.openclaw/skills/ directory.
Run openclaw skills list to check your installed skills and confirm ClawSec appears in the list.
Follow the configuration instructions in the description below to add skill settings to ~/.config/openclaw/openclaw.json5.
~/.openclaw/skills/ or the skills/ directory in your project root. Make sure the folder contains a SKILL.md file.
Detailed Description
ClawSec is OpenClaw's professional security skill suite, developed by Prompt Security, providing comprehensive security protection for your AI assistant.
Core Features
- Drift Detection: Monitor AI behavioral deviations and detect prompt injection and jailbreak attempts
- Security Auditing: Automatically audit installed skills for permissions and security
- Integrity Verification: Verify that skill files haven't been tampered with, preventing supply chain attacks
- Security Recommendations: Provide real-time security configuration advice and best practices
- Log Monitoring: Record and analyze security-related events
Configuration
{
skills: {
clawsec: {
auditInterval: 3600, // Audit interval (seconds)
driftDetection: true,
integrityCheck: true,
alertChannel: "slack" // Alert notification channel
}
}
}
Use Cases
- Security hardening for enterprise OpenClaw deployments
- Automatically detecting security risks in newly installed skills
- Preventing the AI assistant from being manipulated by malicious prompts
- Generating periodic security audit reports
Important Notice
It is recommended to always enable ClawSec in production environments, especially when OpenClaw is providing external-facing services. It effectively prevents common AI security threats.