The Trusted Security Hub for OpenClaw
Protect your OpenClaw setup from malicious skills, prompt injection attacks, and remote code execution vulnerabilities. Two free auditor skills, verified skill catalog, and real-time skill verification.
OpenClaw's Security Landscape
The OpenClaw ecosystem faces real threats. Understanding them is the first step to protection.
Malicious Skills
Security researchers reported 351 malicious skills uploaded to ClawHub ("ClawHavoc" campaign), using typosquatting, data exfiltration, and reverse shells disguised as popular tools.
Remote Code Execution
Vulnerabilities in OpenClaw's skill loader can allow arbitrary command execution through crafted skill manifests. Always keep OpenClaw updated.
Prompt Injection
Skills can inject hidden instructions into AI context, bypassing user consent. This can lead to credential theft, unauthorized actions, and data leaks.
Your OpenClaw Security Toolkit
Three pillars of protection to keep your OpenClaw environment secure.
Security Guides
Comprehensive, actionable guides covering sandbox setup, credential protection, and hardening your OpenClaw environment.
Verified Skills
Curated catalog of audited, safe-to-use OpenClaw skills. Each skill reviewed for permissions, network access, and code integrity.
Skill Verifier
Paste a skill URL or manifest and get an instant trust score. Checks against known malicious skills, permission analysis, and heuristic detection.
Security Guides
What is OpenClaw?
The complete guide to OpenClaw — the open-source AI coding agent framework. Models, skills, gateway, and security.
Setup: How to Install OpenClaw
Step-by-step setup for macOS, Linux, and VPS. Secure configuration and first-run walkthrough.
Pillar Guide: OpenClaw Security Guide
Complete security overview: malicious skills, RCE risks, prompt injection, and hardening strategies.
Setup: Sandbox Setup
Run OpenClaw in Docker containers. Network isolation, filesystem restrictions, and automation.
Top Verified Skills
skill-auditor
Auditor: Comprehensive security auditor for OpenClaw skills. Checks for typosquatting, dangerous permissions, prompt injection, supply chain risks, and data exfiltration patterns — before you install anything.
setup-auditor
Auditor: Audit your OpenClaw environment for credential leaks, unsafe defaults, and missing sandbox configuration. Wizard-style: answers questions about your setup and produces a fix checklist.
credential-scanner
Module: Scan your project for exposed credentials, API keys, and secrets before running OpenClaw skills. Prevents accidental exfiltration.
prompt-guard
Module: Detect and neutralize prompt injection attacks in OpenClaw skill content, user inputs, and external data sources. Prevents instruction hijacking and context manipulation.
skill-vetter
Module: Security-first vetting for OpenClaw skills. Use before installing any skill from ClawHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
incident-responder
Module: Step-by-step incident response for OpenClaw security breaches. Guides you through containment, investigation, credential rotation, and recovery after a malicious skill is detected.
Frequently Asked Questions
Is OpenClaw safe to use?
OpenClaw itself is an open-source tool with strong security foundations. However, the skill ecosystem on ClawHub introduces risks. Malicious skills can steal credentials, execute code, and exfiltrate data. Use verified skills, enable sandbox mode, and follow our security guides to stay safe.
What types of malicious skills exist on ClawHub?
Malicious skills on ClawHub use several attack vectors: typosquatting (naming skills similarly to popular ones), data exfiltration (stealing .env files, SSH keys, API tokens), reverse shells (backdoor connections), and crypto miners. New malicious skills continue to appear, so always verify before installing.
Are there known vulnerabilities in OpenClaw?
Like any software, OpenClaw may have vulnerabilities in its skill loader and execution engine. These can allow remote code execution through crafted skill manifests. Always keep OpenClaw updated to the latest version and use sandbox mode to mitigate potential vulnerabilities.
How does the Skill Verifier work?
The Skill Verifier runs entirely in your browser — no data is sent to any server. It checks skill names against our database of known malicious skills, compares with verified safe skills, and runs heuristic analysis on skill content looking for suspicious patterns like network exfiltration, reverse shells, and credential access.
What makes a skill "verified"?
Verified skills have been manually audited by our security team. We review the source code, check permissions, test for malicious behavior, verify the publisher identity, and monitor for changes. Verified skills receive a trust score of 89 or higher.
How do I report a malicious skill?
Report malicious skills through ClawHub's reporting mechanism and submit details to our team via the UseClawPro GitHub repository. Include the skill name, URL, and any suspicious behavior you observed. We'll investigate and add confirmed threats to our database.
Can I use OpenClaw without ClawHub skills?
Yes. OpenClaw works without any third-party skills. You can use it with only built-in capabilities, which are safe and audited. If you need extended functionality, only install skills from our verified catalog or skills you've personally reviewed.
How often is the malicious skills database updated?
We update the database continuously as new threats are discovered. The database is bundled with the site — when you use the verifier, you're checking against the latest known threats at the time of our last deployment.
Protect Your OpenClaw Setup Today
Don't wait for an incident. Start with our security guide, verify your installed skills, and lock down your environment.