OpenClaw Security Hardening Kit.
Production-grade security for AI agents. Audit scripts, behavioral guardrails, and a complete hardening guide — free and open source.
What's included
!!_START_HERE.md
Quick-start guide with three-layer defense system. Read this first to understand the security model and get protected in under 10 minutes.
OPENCLAW_HARDENING_GUIDE.md
Comprehensive production hardening documentation covering CVE-2026-25253 (ClawJacked vulnerability). Full threat model, mitigation steps, and verification procedures.
secure-audit.sh
Automated bash script for vulnerability scanning. Checks OpenClaw version, scans for malicious skills, verifies gateway binding, and flags misconfigurations.
SOUL_PATCH.json
Behavioral guardrails config. Enforces human-approval for dangerous commands, detects prompt injection attempts, and restricts sensitive file access.
Three-layer defense model
Immediate Remediation
Patch critical vulnerabilities first. Update OpenClaw to the latest version, verify gateway binding is set to localhost, and rotate any exposed API keys.
Environment Sandboxing
Isolate agent execution environments. Restrict file system access to designated directories, disable network egress for untrusted tools, and enforce read-only mounts.
Command Governance
Require human approval before agents execute high-risk commands: sudo, rm, chmod, curl, wget. The SOUL_PATCH.json config enforces this at the behavioral layer.
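As an added example, not one of the kit's files, the following Python sketch shows the shape of the command-governance gate described above: it splits a proposed shell line into its simple commands, normalises program paths, looks through wrapper commands such as sudo and env, and reports which high-risk programs would run. The HIGH_RISK and WRAPPERS lists are assumptions standing in for the policy SOUL_PATCH.json expresses; the kit's actual schema is not reproduced here.

```python
import shlex
from dataclasses import dataclass, field

# Hypothetical policy lists (example values, not SOUL_PATCH.json's schema).
HIGH_RISK = {"sudo", "rm", "chmod", "curl", "wget"}
# Wrappers whose arguments name the program that actually runs; their
# argument lists are scanned conservatively (fail closed).
WRAPPERS = {"sudo", "env", "nohup", "exec", "command", "time", "nice", "xargs"}


@dataclass
class Decision:
    needs_approval: bool
    reasons: list = field(default_factory=list)


def split_simple_commands(cmdline):
    """Split a shell line into simple commands, honouring | || && ; & ( )."""
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    commands, current, skip_target = [], [], False
    for tok in lexer:
        if skip_target:                      # file operand of a redirection
            skip_target = False
        elif "<" in tok or ">" in tok:       # redirection operator: > >> 2>&1 <
            skip_target = True
        elif set(tok) <= set("|&;()"):       # control operator: new simple command
            if current:
                commands.append(current)
            current = []
        else:
            current.append(tok)
    if current:
        commands.append(current)
    return commands


def governance_check(cmdline):
    """Decide whether a human must approve this command line before it runs."""
    reasons = []
    for words in split_simple_commands(cmdline):
        names = [words[0]]
        if words[0].rsplit("/", 1)[-1] in WRAPPERS:
            names = words                    # sudo -u alice rm ...: inspect every word
        for w in names:
            base = w.rsplit("/", 1)[-1]      # /usr/bin/rm -> rm
            if base in HIGH_RISK:
                reasons.append(f"{base} in: {' '.join(words)}")
    return Decision(bool(reasons), reasons)


if __name__ == "__main__":
    for line in ("ls -la /tmp", "echo hi | sudo -u alice rm -rf /tmp/x"):
        print(line, "->", governance_check(line))
```

Naive first-token matching misses the second and third cases below; scanning every simple command in the pipeline and looking through wrappers is what makes the gate hold.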
Get the kit
All four files in a single GitHub Gist. Clone it, fork it, or download the raw files. MIT licensed.
Download from GitHub
Why this matters
AI agents execute commands on your server
Unlike chatbots, agentic AI systems have tool access. They can run shell commands, read files, make HTTP requests, and modify system state. That power requires proportional security controls.
Without guardrails, compromise is inevitable
A compromised or misconfigured agent could exfiltrate sensitive data, modify critical files, install malware, or pivot to other systems on your network. Default configurations are not hardened for production.
Every AlphaForge agent ships hardened
The security measures in this kit are what we apply to every production agent we deploy. Immutable SOUL files, command governance, sandboxed execution, and continuous auditing are standard on every build.
Now available to the community
We open-sourced this kit because agent security affects everyone running OpenClaw in production. Use it as-is, adapt it to your stack, or contribute improvements back.
Want agents built with security baked in?
Every AlphaForge build ships with the controls in this kit applied by default. Production-ready, audit-friendly, MIT-licensed playbooks.