← Back to Security & Passwords
Security & Passwords by @kunoiiv

molt-security-auditor-v3

Bulletproof creds/ports/configs/vulns scan

0
Source Code

OpenClaw Security Auditor V3 (Bulletproof)

Scans + fixes (preview/verify). Hardcoded safe—no malicious paths.

Quick Run

node scripts/audit.js --full     # Scan → security-report-v3.json
node scripts/audit.js --fix      # Guided fixes
node scripts/audit.js --auto     # Preview → Run + verify
node scripts/rollback.js         # Atomic revert

Scans

  • Creds: Hash-only grep (sk-*, api_key) — 100 files/1MB limit.
  • Ports: netstat/ss/lsof — open ports list.
  • Configs: SSH pass/root, users/sudo.
  • Vulns: npm audit JSON, openclaw update.

V3 Security

  • Immutable Cmds: Hardcoded whitelist—no injection.
  • Mutex: 5min lock expire.
  • Backup: Read-only copies + SHA verify.
  • Timeouts: 5-10s execs.
  • Cross-OS: Win/Linux/Mac native.
  • Verify: Pre/post diff.
  • Rollback: backup/*.bak → one-script restore.

Report: security-report-v3.json (safe JSON).

Prod eternal—ClawdHub V3 ready.