
    🛡️ OpenClaw Guardrail Linter

    Scan your OpenClaw config for the settings that quietly hand your agent too much power: unrestricted exec, open inbound DMs, secrets committed in config, the deny-write bypass, sandbox turned off, dangerous Docker binds, and elevated tools. Read-only, plain-English findings, grounded in the OpenClaw docs.

    Updated Jul 2026
    Security scanned
    Cursor

    $12 or 60 credits


    Included in download

    • Identify hardcoded secrets in OpenClaw manifests
    • Detect sandbox escape vulnerabilities in Docker configs
    • file_read automation included
    • Ready for Cursor
    • Instant install


    See it in action

    You say

    Review my openclaw.json and .openclaw/ manifests for security issues.

    Your agent does

    Scan complete. Found 2 issues:

    • OGL003 (High): Hardcoded API key found in openclaw.json at line 12. Use SecretRef.
    • OGL009 (Medium): Workspace mounted as read-write. Recommend read-only for current agent scope.

    Review findings before connecting to external channels.

    About This Skill

    The problem

    Misconfigured OpenClaw agents risk remote code execution, secret leakage, and unrestricted tool access. Standard linters miss these platform-specific security flaws in openclaw.json and workspace manifests.

    What it does

    • Scans config files for OGL001-OGL011 security violations.
    • Identifies hardcoded secrets and insecure environment variable mapping.
    • Detects sandbox escapes and dangerous Docker bind mounts.
    • Flags bypasses where write permissions are denied but edit tools remain active.
    • Evaluates inbound DM permissions and broad skill gates.

    Frameworks & tools

    Compatible with OpenClaw configuration formats including .json and .json5. Analyzes SOUL.md, AGENTS.md, and USER.md files.

    Why this beats prompting it yourself

    Manual prompting often misses nuanced bypasses like OGL005 or specific Docker sandbox overrides. This skill uses a codified rule set that checks for the same 11 distinct vulnerability classes on every run, so detection does not depend on what the model happens to notice.

    Use cases

    • Reviewing openclaw.json before deploying a new agent gateway.
    • Auditing local workspace mounts for unnecessary read-write access.
    • Checking AGENTS.md for hardcoded API keys or sensitive literal strings.
    • Pre-production security checks for OpenClaw skill gates.

    Known limitations

    Uses heuristic analysis of static text files. It does not verify live gateway state or network-level firewall rules.

    Use Cases

    • Flag file-write permission bypasses in tool profiles
    • Audit inbound DM settings for unauthorized access

    How to install

    Drop the file into your AI tool. Works with Claude, Cursor, ChatGPT, and 20+ more.


    Security Scanned

    Passed automated security review

    Permissions

    Read Files

    Allowed Hosts

    www.agensi.io
    docs.openclaw.ai
    github.com

    File Scopes

    openclaw-guardrail-linter/**
    **/openclaw.json
    **/.openclaw/**/*.json
    **/.openclaw/**/*.json5
    **/.config/openclaw/**/*.json
    **/SOUL.md
    **/AGENTS.md
    **/USER.md

    Read Files only. It reads your OpenClaw config and workspace files as plain text to flag unsafe settings and committed secrets. It does not run OpenClaw, read your live environment, use secrets, or send anything anywhere. No write, shell, or network.

    Runs anywhere a coding agent can execute a Python 3 script. Tested with Claude Code, Cursor, Codex CLI, Windsurf, and Cline. Python 3 standard library only: no third-party packages, no network calls, and it never runs your code. Scans openclaw.json and OpenClaw workspace files (SOUL.md, AGENTS.md, USER.md). Rules track documented OpenClaw config keys and live in an editable references/openclaw-rules.json you can tune.
