# ClawSec: Security Skill Suite for AI Agents

## Secure Your OpenClaw Bots with a Complete Security Skill Suite

Brought to you by Prompt Security, the Platform for AI Security

![Prompt Security Logo](./img/Black+Color.png)

**Live at: [https://clawsec.prompt.security](https://clawsec.prompt.security) [https://prompt.security/clawsec](https://prompt.security/clawsec)**

[![CI](https://github.com/prompt-security/clawsec/actions/workflows/ci.yml/badge.svg)](https://github.com/prompt-security/clawsec/actions/workflows/ci.yml) [![Deploy Pages](https://github.com/prompt-security/clawsec/actions/workflows/deploy-pages.yml/badge.svg)](https://github.com/prompt-security/clawsec/actions/workflows/deploy-pages.yml) [![Poll NVD CVEs](https://github.com/prompt-security/clawsec/actions/workflows/poll-nvd-cves.yml/badge.svg)](https://github.com/prompt-security/clawsec/actions/workflows/poll-nvd-cves.yml) [![Skill Release](https://github.com/prompt-security/clawsec/actions/workflows/skill-release.yml/badge.svg)](https://github.com/prompt-security/clawsec/actions/workflows/skill-release.yml)
---

## What is ClawSec?

ClawSec is a **complete security skill suite for the OpenClaw family of agents (Moltbot, Clawdbot, some clones)**. It provides a unified installer that deploys, verifies, and maintains security skills, protecting your agent's cognitive architecture against prompt injection, drift, and malicious instructions.

### Core Capabilities

- **Suite Installer** - One-command installation of all security skills with integrity verification
- **File Integrity Protection** - Drift detection and auto-restore for critical agent files (SOUL.md, IDENTITY.md, etc.)
- **Live Security Advisories** - Automated NVD CVE polling and community threat intelligence
- **Security Audits** - Self-check scripts to detect prompt injection markers and vulnerabilities
- **Checksum Verification** - SHA256 checksums for all skill artifacts
- **Health Checks** - Automated updates and integrity verification for all installed skills

---

## Quick Start

### For AI Agents

```bash
# Fetch the ClawSec suite skill file (it carries the install instructions)
curl -sL https://clawsec.prompt.security/releases/latest/download/SKILL.md
```

The skill file contains deployment instructions. Your agent will:

1. Detect its agent family (OpenClaw/MoltBot/ClawdBot or other)
2. Install appropriate skills from the catalog
3. Verify integrity using checksums
4. Set up cron update checks

### For Humans

Copy this instruction to your AI agent:

> Read https://clawsec.prompt.security/releases/latest/download/SKILL.md and follow the instructions to install the protection skill suite.

---

## ClawSec Suite

The **clawsec-suite** is a skill-of-skills manager that installs, verifies, and maintains security skills from the ClawSec catalog.

### Skills in the Suite

| Skill | Description | Installation | Compatibility |
|-------|-------------|--------------|---------------|
| **clawsec-feed** | Security advisory feed monitoring with live CVE updates | Included by default | All agents |
| **openclaw-audit-watchdog** | Automated daily audits with email reporting | Included by default | OpenClaw/MoltBot/ClawdBot |
| **soul-guardian** | Drift detection and file integrity guard with auto-restore | Optional | All agents |
| **clawtributor** | Community incident reporting | Optional (Explicit request) | All agents |

> **clawtributor** is not installed by default as it may share anonymized incident data. Install only on explicit user request.

> **openclaw-audit-watchdog** is tailored for the OpenClaw/MoltBot/ClawdBot agent family. Other agents receive the universal skill set.

### Suite Features

- **Integrity Verification** - Every skill package includes `checksums.json` with SHA256 hashes
- **Updates** - Automatic checks for new skill versions
- **Self-Healing** - Failed integrity checks trigger automatic re-download from trusted releases
- **Advisory Cross-Reference** - Installed skills are checked against the security advisory feed

---

## Security Advisory Feed

ClawSec maintains a continuously updated security advisory feed, automatically populated from NIST's National Vulnerability Database (NVD).
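
The advisory cross-reference listed under Suite Features can be sketched as follows. This is an added example, not ClawSec's own code: it uses the field names from the Advisory Schema in this README, the sample feed and the `cross_reference` and `parse_affected` helpers are constructed for illustration, and matching on exact version strings is a simplifying assumption.

```python
import json

# Constructed sample feed using the field names from this README's Advisory Schema.
SAMPLE_FEED = json.loads("""
{"advisories": [
  {"id": "CLAW-2026-0042", "severity": "high", "type": "vulnerable_skill",
   "title": "Constructed example", "affected": ["soul-guardian@1.0.0"],
   "action": "Update the skill"},
  {"id": "CLAW-2026-0043", "severity": "low", "type": "tampering_attempt",
   "title": "Constructed example", "affected": ["clawsec-feed@0.9.0"]},
  {"id": "CVE-2026-XXXXX", "severity": "critical", "type": "vulnerable_skill",
   "title": "Constructed NVD-style entry without an affected list",
   "cvss_score": 8.8}
]}
""")

SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2, "critical": 3}


def parse_affected(entry):
    """Split 'skill-name@1.0.0' into (name, version); version is None if absent."""
    name, sep, version = entry.rpartition("@")
    return (name, version) if sep else (entry, None)


def cross_reference(feed, installed, min_severity="high"):
    """Return (advisory_id, skill, note) tuples for advisories that need attention.

    `installed` maps skill name -> installed version (assumed exact-match strings).
    """
    floor = SEVERITY_RANK[min_severity]
    hits = []
    for adv in feed.get("advisories", []):
        # Unknown severity strings are treated as critical (fail closed).
        if SEVERITY_RANK.get(str(adv.get("severity", "")).lower(), 3) < floor:
            continue
        affected = adv.get("affected")
        if not affected:
            # The NVD schema has no `affected` list: surface it, do not drop it.
            hits.append((adv.get("id"), None, "no affected list: review manually"))
            continue
        for name, version in map(parse_affected, affected):
            if name in installed and version in (None, installed[name]):
                hits.append((adv.get("id"), name, adv.get("action", "see advisory")))
    return hits
```
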

### Feed URL

```bash
# Fetch latest advisories
curl -s https://clawsec.prompt.security/advisories/feed.json | jq '.advisories[] | select(.severity == "critical" or .severity == "high")'
```

### Monitored Keywords

The feed polls CVEs related to:

- `OpenClaw`
- `clawdbot`
- `Moltbot`
- Prompt injection patterns
- Agent security vulnerabilities

### Advisory Schema

**NVD CVE Advisory:**

```json
{
  "id": "CVE-2026-XXXXX",
  "severity": "critical|high|medium|low",
  "type": "vulnerable_skill",
  "title": "Short description",
  "description": "Full CVE description from NVD",
  "published": "2026-02-01T00:00:00Z",
  "cvss_score": 8.8,
  "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-XXXXX",
  "references": ["..."],
  "action": "Recommended remediation"
}
```

**Community Advisory:**

```json
{
  "id": "CLAW-2026-0042",
  "severity": "high",
  "type": "prompt_injection|vulnerable_skill|tampering_attempt",
  "title": "Short description",
  "description": "Detailed description from issue",
  "published": "2026-02-01T00:00:00Z",
  "affected": ["skill-name@1.0.0"],
  "source": "Community Report",
  "github_issue_url": "https://github.com/.../issues/42",
  "action": "Recommended remediation"
}
```

---

## CI/CD Pipelines

ClawSec uses automated pipelines for continuous security updates and skill distribution.

### Automated Workflows

| Workflow | Trigger | Description |
|----------|---------|-------------|
| **poll-nvd-cves.yml** | Daily cron (06:00 UTC) | Polls NVD for new CVEs, updates feed |
| **community-advisory.yml** | Issue labeled `advisory-approved` | Processes community reports into advisories |
| **skill-release.yml** | `-v*.*.*` tags | Packages individual skills with checksums to GitHub Releases |
| **deploy-pages.yml** | Push to main | Builds and deploys the web interface to GitHub Pages |

### Skill Release Pipeline

When a skill is tagged (e.g., `soul-guardian-v1.0.0`), the pipeline:

1. **Validates** - Checks `skill.json` version matches tag
2. **Generates Checksums** - Creates `checksums.json` with SHA256 hashes for all SBOM files
3. **Releases** - Publishes to GitHub Releases with all artifacts
4. **Supersedes Old Releases** - Marks older versions (same major) as pre-releases
5. **Triggers Pages Update** - Refreshes the skills catalog on the website

### Release Versioning & Superseding

ClawSec follows [semantic versioning](https://semver.org/). When a new version is released:

| Scenario | Behavior |
|----------|----------|
| New patch/minor (e.g., 1.0.1, 1.1.0) | Previous releases with same major version are **deleted** |
| New major (e.g., 2.0.0) | Previous major version (1.x.x) remains for backwards compatibility |

**Why do old releases disappear?**

When you release `skill-v0.0.2`, the previous `skill-v0.0.1` release is automatically deleted to keep the releases page clean. Only the latest version within each major version is retained.

- **Git tags are preserved** - You can always recreate a release from an existing tag if needed
- **Major versions coexist** - Both `skill-v1.x.x` and `skill-v2.x.x` latest releases remain available for backwards compatibility

### Release Artifacts

Each skill release includes:

- `checksums.json` - SHA256 hashes for integrity verification
- `skill.json` - Skill metadata
- `SKILL.md` - Main skill documentation
- Additional files from SBOM (scripts, configs, etc.)

---

## Offline Tools

ClawSec includes Python utilities for local skill development and validation.
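
The integrity check that the `checksums.json` release artifact makes possible can be run locally along these lines. This is an added sketch, not ClawSec's own verifier: it assumes `checksums.json` is a flat map of relative file path to SHA256 hex digest, a layout this README does not specify, and `verify_skill`, `sha256_file` and `demo` are hypothetical names.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path):
    """Stream a file through SHA-256 so large artifacts are not read at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_skill(skill_dir, manifest):
    """Return a list of problems; an empty list means every listed file matched.

    `manifest` is ASSUMED to map relative file path -> SHA256 hex digest.
    """
    root = Path(skill_dir).resolve()
    problems = []
    for rel, expected in manifest.items():
        target = (root / rel).resolve()
        # Refuse entries that escape the skill folder ("../x" or absolute paths).
        if not target.is_relative_to(root):
            problems.append(f"{rel}: path escapes skill directory")
        elif not target.is_file():
            problems.append(f"{rel}: missing")
        elif sha256_file(target) != str(expected).lower():
            problems.append(f"{rel}: checksum mismatch")
    return problems


def demo():
    """Build a constructed skill folder, verify it, then tamper with one file."""
    with tempfile.TemporaryDirectory() as tmp:
        skill = Path(tmp) / "demo-skill"
        skill.mkdir()
        (skill / "SKILL.md").write_text("constructed skill text\n")
        (skill / "skill.json").write_text('{"name": "demo-skill"}\n')
        manifest = {p.name: sha256_file(p) for p in skill.iterdir()}
        manifest["../outside.txt"] = "0" * 64  # constructed hostile entry
        before = verify_skill(skill, manifest)
        (skill / "SKILL.md").write_text("tampered content\n")
        return before, verify_skill(skill, manifest)
```
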

### Skill Validator

Validates a skill folder against the required schema:

```bash
python utils/validate_skill.py skills/clawsec-feed
```

Checks:

- `skill.json` exists and is valid JSON
- Required fields present (name, version, description, author, license)
- SBOM files exist and are readable
- OpenClaw metadata is properly structured

### Skill Checksums Generator

Generates `checksums.json` with SHA256 hashes for a skill:

```bash
python utils/package_skill.py skills/clawsec-feed ./dist
```

Outputs:

- `checksums.json` - SHA256 hashes for verification

---

## Local Development

### Prerequisites

- Node.js 20+
- Python 3.10+ (for offline tools)
- npm

### Setup

```bash
# Install dependencies
npm install

# Start development server
npm run dev
```

### Populate Local Data

```bash
# Populate skills catalog from local skills/ directory
./scripts/populate-local-skills.sh

# Populate advisory feed with real NVD CVE data
./scripts/populate-local-feed.sh --days 120
```

### Build

```bash
npm run build
```

---

## Project Structure

```
├── advisories/
│   └── feed.json                    # Main advisory feed (auto-updated from NVD)
├── components/                      # React components
├── pages/                           # Page components
├── scripts/
│   ├── populate-local-feed.sh       # Local CVE feed populator
│   ├── populate-local-skills.sh     # Local skills catalog populator
│   └── release-skill.sh             # Manual skill release helper
├── skills/
│   ├── clawsec-suite/               # Suite installer (skill-of-skills)
│   ├── clawsec-feed/                # Advisory feed skill
│   ├── clawtributor/                # Community reporting skill
│   ├── openclaw-audit-watchdog/     # Automated audit skill
│   └── soul-guardian/               # File integrity skill
├── utils/
│   ├── package_skill.py             # Skill packager utility
│   └── validate_skill.py            # Skill validator utility
├── .github/workflows/
│   ├── poll-nvd-cves.yml            # CVE polling pipeline
│   ├── skill-release.yml            # Skill release pipeline
│   └── deploy-pages.yml             # Pages deployment
└── public/                          # Static assets and published skills
```

---

## Contributing

We welcome contributions! See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.

### Submitting Security Advisories

Found a prompt injection vector, malicious skill, or security vulnerability? Report it via GitHub Issues:

1. Open a new issue using the **Security Incident Report** template
2. Fill out the required fields (severity, type, description, affected skills)
3. A maintainer will review and add the `advisory-approved` label
4. The advisory is automatically published to the feed as `CLAW-{YEAR}-{ISSUE#}`

See [CONTRIBUTING.md](CONTRIBUTING.md#submitting-security-advisories) for detailed guidelines.

### Adding New Skills

1. Create a skill folder under `skills/`
2. Add `skill.json` with required metadata and SBOM
3. Add `SKILL.md` with agent-readable instructions
4. Validate with `python utils/validate_skill.py skills/your-skill`
5. Submit a PR for review

---

## License

- Source code: MIT License - See [LICENSE](LICENSE) for details.
- Fonts in `font/`: Licensed separately - See [`font/README.md`](font/README.md).

---

**ClawSec** · Prompt Security, SentinelOne

Hardening agentic workflows, one skill at a time.