ClawdStrike is a defensive OpenClaw skill designed to help operators verify their environment and configuration before attackers do. It focuses on the most common real‑world compromise paths seen in the ecosystem: malicious skills, open ports, exposed control UIs, weak tool policies, and plaintext secrets.
- navigate to your openclaw workspace.
cd /home/<user>/.openclaw/workspace
- ensure the skills directory exists.
mkdir -p skills
- clone the clawdstrike repository files into the folder.
git clone https://github.com/cantinaxyz/clawdstrike.git skills/clawdstrike
- restart openclaw
openclaw gateway restart
OpenClaw installations often run with broad permissions and access to sensitive credentials. In practice, many compromises happen because:
- users install malicious or backdoored skills
- gateways or control interfaces are publicly exposed
- tools are enabled without proper allowlists or sandboxing
- secrets and session data live in plaintext on disk
ClawdStrike helps detect those risks early and provides concrete fixes.
- Internet exposure (gateway / control UI / browser control)
- Tool policies and elevated execution scope
- Skill/plugin supply‑chain risks (hidden files, remote payloads)
- Secrets on disk + weak file permissions
- Network and firewall posture
Run it as a defensive audit before installing new skills, after configuration changes, or on a schedule. The goal is to reduce the blast radius of known attack paths.