Clawdbot Security Check
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use it when the user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". The skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible: new checks can be added by updating this skill's knowledge.
Why this rating
Deterministic checks triggered by the tool capabilities and evidence.
- Locality: Local. Reads Clawdbot config and credential files on disk.
- Data access: Sensitive. Inspects auth profiles and credential storage paths.
- Action surface: Execute. Runs audit commands and can apply fixes via '--fix'.
Best practices
Follow these steps to reduce risk when using this skill.
- Run the audit without '--fix' first and review findings.
- Back up '~/.clawdbot' before applying changes.
- Restrict access to generated reports and logs.
Evidence links
Public sources backing the indicator assignments.
Max-risk rule
If any capability reaches a higher level, the entire indicator level is bumped up, which keeps ratings deterministic and easy to scan.