Your OpenClaw config is probably exposed.

Paste your SOUL.md, SKILL.md, or gateway config. Get a scored security audit with specific fixes in seconds. No enterprise contract required.

Scan Your Config Free →
300k+ OpenClaw Users
26% Skills Vulnerable
$0 Current Options
security-audit.json
ClawGuard v1
Security Score: 42 (Needs Work)
3 critical, 2 high, 4 medium findings
CRITICAL: Gateway exposed on 0.0.0.0 without authentication. Any network device can reach your agent.
CRITICAL: system.run enabled with no exec allowlist. Remote code execution is unrestricted.
HIGH: SOUL.md lacks security rules. No prompt injection guardrails defined.
MEDIUM: 3 unvetted third-party skills installed without integrity verification.
"Security for OpenClaw is an option, but it is not built in. The product documentation itself admits: 'There is no perfectly secure setup.'"
Cisco AI Security Research, 2026
How It Works
Three steps. Real fixes.
01 — PASTE

Drop your config

Paste your SOUL.md, any SKILL.md files, or gateway configuration. We parse it all.

$ cat ~/.openclaw/SOUL.md | pbcopy
02 — SCAN

Get your score

ClawGuard checks against 20 security rules covering permissions, network exposure, skill integrity, and prompt injection surfaces.

Scanning... 9 findings (3 critical)
03 — FIX

Apply the patches

Every finding comes with a specific fix you can copy-paste. Not vague advice. Exact config changes.

security: deny → security: ask
What We Audit
The stuff that gets you hacked.
Remote Code Execution

system.run permissions, exec allowlists, node pairing settings, and shell access controls.

Network Exposure

Gateway bind address, authentication requirements, TLS configuration, and exposed ports.

Prompt Injection Surface

SOUL.md security rules, input sanitization, DM policy configuration, and trust boundaries.

Skill & Plugin Integrity

Third-party skill vetting, permission scoping, watcher config, and supply chain risks.

Powered by Cred402

ClawGuard is one input signal into Cred402 — a trust scoring API for AI agents. Like a credit score for ERC-8004 registered agents, billed via x402 micropayments.

Agents passing ClawGuard's security baseline get higher Cred402 scores, unlocking more trust in agent-to-agent interactions.

POST cred402.com/api/v1/attest
{
  "scan_id": "cg-a1b2c3...",
  "overall_score": 72,
  "config_hash": "sha256:...",
  "cred402_impact": +14
}

ESLint for your OpenClaw config.

The security gap between OpenClaw's built-in audit and enterprise tools costing $20k/year is where ClawGuard lives. Developer-friendly. Affordable. Specific.

Start Scanning →