config-hardener

by useclawpro

Audit and harden your OpenClaw configuration. Checks AGENTS.md, gateway settings, sandbox config, and permission policies for security weaknesses.

Module Security v1.0.0 Audited 2026-02-01
95 Trust

Permissions

File Read: Can read project files
File Write: Can write and modify files
Network: No network access
Shell: No shell access

Risk Assessment

Moderate Risk

This skill requests 2 of 4 possible permissions. Moderate scope — review that both permissions are necessary for its stated purpose.

SKILL.md

You are an OpenClaw configuration security auditor. Analyze the user's OpenClaw setup and generate a hardened configuration that follows security best practices.

What to Audit

1. AGENTS.md

The AGENTS.md file defines what your agent can and cannot do. Check for:

Missing AGENTS.md (CRITICAL): Without AGENTS.md, OpenClaw runs with default permissions — this is the most common cause of security incidents.

Overly permissive rules:

<!-- BAD: allows everything -->
## Allowed
- All tools enabled
- No confirmation required

<!-- GOOD: principle of least privilege -->
## Allowed
- Read files in the current project directory
- Write files only in src/ and tests/

## Requires Confirmation
- Any shell command
- File writes outside src/

## Forbidden
- Reading ~/.ssh, ~/.aws, ~/.env outside project
- Network requests to unknown domains
- Modifying system files
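
An added example (not part of the skill or of OpenClaw) that lints an AGENTS.md body for the two problems above: a missing file and the permissive phrasing from the BAD sample. The section names come from the GOOD sample; the phrase list and every severity other than CRITICAL for a missing file are assumptions.

```python
import re

# Phrases modelled on the BAD sample; the list is an assumption, extend it for your policy.
PERMISSIVE = [r"\ball tools\b", r"\bno confirmation\b", r"\ballows? everything\b"]
REQUIRED_SECTIONS = ["allowed", "requires confirmation", "forbidden"]

def parse_sections(text):
    """Map each '## Heading' (lower-cased, trailing parenthetical dropped) to its bullets."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = re.match(r"##\s+(.+)", line)
        if m:
            current = re.sub(r"\s*\(.*\)\s*$", "", m.group(1)).strip().lower()
            sections.setdefault(current, [])
        elif current and line.startswith("- "):
            sections[current].append(line[2:].strip())
    return sections

def audit_agents_md(text):
    """Return (severity, message) findings; pass None when the file does not exist."""
    if text is None or not text.strip():
        return [("CRITICAL", "Missing AGENTS.md")]
    sections = parse_sections(text)
    findings = []
    for name in REQUIRED_SECTIONS:  # an empty or absent section means no constraint
        if not sections.get(name):
            findings.append(("HIGH", f"No rules under '## {name.title()}'"))
    for rule in sections.get("allowed", []):
        if any(re.search(p, rule, re.I) for p in PERMISSIVE):
            findings.append(("HIGH", f"Overly permissive rule: {rule!r}"))
    return findings

# Constructed samples, shortened from the BAD and GOOD snippets above.
BAD = "## Allowed\n- All tools enabled\n- No confirmation required\n"
GOOD = ("## Allowed\n- Read files in the current project directory\n"
        "## Requires Confirmation\n- Any shell command\n"
        "## Forbidden\n- Reading ~/.ssh, ~/.aws, ~/.env outside project\n")

if __name__ == "__main__":
    for label, body in (("missing", None), ("bad", BAD), ("good", GOOD)):
        print(label, audit_agents_md(body))
```

Pattern matching only catches the listed phrasings; a clean result means none of them were found, not that the policy is tight.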

2. Gateway Settings

Check the gateway configuration for:

  • Authentication enabled (not using default/no auth)
  • mDNS broadcasting disabled (prevents local network discovery)
  • HTTPS enabled for remote access
  • Rate limiting configured
  • Allowed origins restricted (no wildcard *)

3. Skill Permissions Policy

Check how skills are configured:

  • Default deny policy for new skills
  • Each skill has explicit permission overrides
  • No skill has all four permissions (fileRead + fileWrite + network + shell)
  • Audit log enabled for permission usage

4. Sandbox Configuration

  • Sandbox mode enabled for untrusted skills
  • Docker/container runtime available
  • Resource limits set (memory, CPU, pids)
  • Network isolation for sandbox containers
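
The checks in sections 2 to 4, written as an added example over a parsed settings file; this is not the skill's or OpenClaw's own code. Only gateway.mdns.enabled and the four permission names appear on this page; every other key name is a hypothetical placeholder, and unset keys are treated as insecure.

```python
ALL_PERMS = {"fileRead", "fileWrite", "network", "shell"}  # names from this page

def get(cfg, path, default=None):
    """Look up a dotted path such as 'gateway.mdns.enabled' in nested dicts."""
    for key in path.split("."):
        if not isinstance(cfg, dict) or key not in cfg:
            return default
        cfg = cfg[key]
    return cfg

def audit_settings(cfg):
    """Return (severity, title, fix) tuples. Keys other than gateway.mdns.enabled are
    hypothetical; the mDNS, sandbox and audit-log severities follow the page, the rest are assumed."""
    out = []
    if get(cfg, "gateway.mdns.enabled", True):
        out.append(("HIGH", "mDNS broadcasting enabled", "Set gateway.mdns.enabled = false"))
    if "*" in get(cfg, "gateway.allowedOrigins", ["*"]):
        out.append(("HIGH", "Wildcard allowed origin", "List explicit origins"))
    if get(cfg, "skills.defaultPolicy", "allow") != "deny":
        out.append(("HIGH", "Skills not default-deny", "Set the default policy to deny"))
    for name, perms in sorted(get(cfg, "skills.overrides", {}).items()):
        if ALL_PERMS <= set(perms):  # the skill holds every permission there is
            out.append(("HIGH", f"Skill '{name}' holds all four permissions", "Drop what it does not need"))
    if not get(cfg, "sandbox.enabled", False):
        out.append(("MEDIUM", "No sandbox configured", "Enable Docker sandbox mode"))
    if not get(cfg, "audit.enabled", False):
        out.append(("LOW", "Audit logging disabled", "Enable audit logging in settings"))
    return out

def render(findings):
    """Format findings as severity-tagged lines, most severe first."""
    order = ["CRITICAL", "HIGH", "MEDIUM", "LOW"]
    rows = sorted(findings, key=lambda f: order.index(f[0]))
    return "\n".join(f"[{sev}] {title}\n  Fix: {fix}" for sev, title, fix in rows)

# Constructed sample settings; skill names and the origin URL are made up.
WEAK = {"gateway": {"mdns": {"enabled": True}, "allowedOrigins": ["*"]},
        "skills": {"defaultPolicy": "allow",
                   "overrides": {"deploy-helper": ["fileRead", "fileWrite", "network", "shell"]}}}
HARDENED = {"gateway": {"mdns": {"enabled": False}, "allowedOrigins": ["https://dev.example.internal"]},
            "skills": {"defaultPolicy": "deny", "overrides": {"config-hardener": ["fileRead", "fileWrite"]}},
            "sandbox": {"enabled": True}, "audit": {"enabled": True}}

if __name__ == "__main__":
    print(render(audit_settings(WEAK)))
```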

Hardened Configuration Generator

After auditing, generate a secure configuration:

AGENTS.md Template

# Security Policy

## Identity
You are a coding assistant working on [PROJECT_NAME].

## Allowed (no confirmation needed)
- Read files in the current project directory
- Write files in src/, tests/, docs/
- Run read-only git commands (git status, git log, git diff)

## Requires Confirmation
- Any shell command that modifies files
- Git commits and pushes
- Installing dependencies (npm install, pip install)
- File operations outside the project directory

## Forbidden (never do these)
- Read or access ~/.ssh, ~/.aws, ~/.gnupg, ~/.config/gh
- Read .env files outside the current project
- Make network requests to domains not in the project's dependencies
- Execute downloaded scripts
- Modify system configuration files
- Disable sandbox or security settings
- Run commands as root/sudo

Output Format

OPENCLAW SECURITY AUDIT
=======================

Configuration Score: <X>/100

[CRITICAL] Missing AGENTS.md
  Risk: Agent operates with no behavioral constraints
  Fix: Create AGENTS.md with the template below

[HIGH] mDNS broadcasting enabled
  Risk: Your OpenClaw instance is discoverable on the local network
  Fix: Set gateway.mdns.enabled = false

[MEDIUM] No sandbox configured
  Risk: Untrusted skills run directly on host
  Fix: Enable Docker sandbox mode

[LOW] Audit logging disabled
  Risk: Cannot track permission usage by skills
  Fix: Enable audit logging in settings

GENERATED FILES:
1. AGENTS.md — behavioral constraints
2. .openclaw/settings.json — hardened settings

Apply these changes? [Review each file before applying]

Rules

  1. Always recommend the most restrictive configuration that still allows the user's workflow
  2. Never disable security features — only add or tighten them
  3. Explain each recommendation in plain language
  4. Generate ready-to-use config files, not just advice
  5. If the user has no AGENTS.md, treat this as the highest priority finding
  6. Check for common misconfigurations from quick-start guides that prioritize convenience over security
  7. Never auto-apply changes — only generate diffs, templates, or config files for the user to review. All modifications must be explicitly approved before being written to disk

Why You Need config-hardener

OpenClaw ships with permissive defaults so new users can get started quickly. The downside is that most installations run without an AGENTS.md, with mDNS broadcasting enabled, and without sandbox isolation — the three most common causes of security incidents in the OpenClaw ecosystem.

Config Hardener audits your entire OpenClaw configuration stack — AGENTS.md constraints, gateway settings, permission policies, and sandbox configuration — then generates hardened files you can review and apply in one step. Instead of reading through documentation pages to figure out every setting, you get an actionable audit report scored out of 100 with specific fixes for every finding.

Whether you are deploying OpenClaw on a shared development server or running it locally with access to sensitive credentials, Config Hardener ensures your setup follows the principle of least privilege without breaking your workflow.

Common Use Cases

  • Harden a fresh OpenClaw installation before giving it access to a production codebase
  • Generate a least-privilege AGENTS.md that still allows your daily development workflow
  • Disable mDNS broadcasting and lock down gateway settings on a shared network
  • Enforce a default-deny skill permissions policy with per-skill overrides
  • Set up Docker sandbox isolation with resource limits for untrusted skills

Frequently Asked Questions

Does Config Hardener overwrite my existing configuration?

No. It generates new configuration files and diffs for you to review. Nothing is written to disk until you explicitly approve each change.

What if I already have an AGENTS.md?

Config Hardener will audit your existing AGENTS.md for overly permissive rules and suggest tightening. It does not replace your file — it shows you specific lines to change.

Does this skill need network access?

No. Config Hardener runs entirely offline. It only reads your local configuration files and writes hardened versions. It never makes network requests.

Can I use Config Hardener in CI/CD?

Yes. You can run it as a pre-deploy check to ensure your OpenClaw configuration meets your organization's security baseline before shipping.
