moltbot-security 1.0.0 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/SKILL.md +17 -17
- package/package.json +4 -3
package/SKILL.md
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
1
|
---
|
|
2
|
-
name: moltbot-security
|
|
3
|
-
description: Security hardening guide for Moltbot/
|
|
4
|
-
version: 1.0.
|
|
2
|
+
name: moltbot, openclaw-security
|
|
3
|
+
description: Security hardening guide for AI agents (OpenClaw/Moltbot/OpenClaw). Lock down gateway, fix permissions, set up auth. Based on real vulnerability research.
|
|
4
|
+
version: 1.0.1
|
|
5
5
|
author: NextFrontierBuilds
|
|
6
|
-
keywords: moltbot,
|
|
6
|
+
keywords: moltbot, openclaw, openclaw, security, hardening, gateway, firewall, tailscale, ssh, authentication, ai-agent, ai-coding, claude, cursor, devops, infosec, vibe-coding
|
|
7
7
|
---
|
|
8
8
|
|
|
9
9
|
# Moltbot Security Guide
|
|
10
10
|
|
|
11
11
|
Your Moltbot gateway was designed for local use. When exposed to the internet without proper security, attackers can access your API keys, private messages, and full system access.
|
|
12
12
|
|
|
13
|
-
**Based on:** Real vulnerability research that found 1,673+ exposed
|
|
13
|
+
**Based on:** Real vulnerability research that found 1,673+ exposed OpenClaw/Moltbot gateways on Shodan.
|
|
14
14
|
|
|
15
15
|
---
|
|
16
16
|
|
|
@@ -41,13 +41,13 @@ When your gateway is publicly accessible:
|
|
|
41
41
|
Run this to check your current security posture:
|
|
42
42
|
|
|
43
43
|
```bash
|
|
44
|
-
|
|
44
|
+
openclaw security audit --deep
|
|
45
45
|
```
|
|
46
46
|
|
|
47
47
|
Auto-fix issues:
|
|
48
48
|
|
|
49
49
|
```bash
|
|
50
|
-
|
|
50
|
+
openclaw security audit --deep --fix
|
|
51
51
|
```
|
|
52
52
|
|
|
53
53
|
---
|
|
@@ -56,7 +56,7 @@ clawdbot security audit --deep --fix
|
|
|
56
56
|
|
|
57
57
|
**What this does:** Prevents the gateway from accepting connections from other machines.
|
|
58
58
|
|
|
59
|
-
Check your `~/.
|
|
59
|
+
Check your `~/.openclaw/openclaw.json`:
|
|
60
60
|
|
|
61
61
|
```json
|
|
62
62
|
{
|
|
@@ -127,26 +127,26 @@ export CLAWDBOT_GATEWAY_PASSWORD="your-secure-password-here"
|
|
|
127
127
|
**What this does:** Ensures only you can read sensitive config files.
|
|
128
128
|
|
|
129
129
|
```bash
|
|
130
|
-
chmod 700 ~/.
|
|
131
|
-
chmod 600 ~/.
|
|
132
|
-
chmod 700 ~/.
|
|
130
|
+
chmod 700 ~/.openclaw
|
|
131
|
+
chmod 600 ~/.openclaw/openclaw.json
|
|
132
|
+
chmod 700 ~/.openclaw/credentials
|
|
133
133
|
```
|
|
134
134
|
|
|
135
135
|
**Permission meanings:**
|
|
136
136
|
- `700` = Only owner can access folder
|
|
137
137
|
- `600` = Only owner can read/write file
|
|
138
138
|
|
|
139
|
-
Or let
|
|
139
|
+
Or let OpenClaw fix it:
|
|
140
140
|
|
|
141
141
|
```bash
|
|
142
|
-
|
|
142
|
+
openclaw security audit --fix
|
|
143
143
|
```
|
|
144
144
|
|
|
145
145
|
---
|
|
146
146
|
|
|
147
147
|
## Step 4: Disable Network Broadcasting
|
|
148
148
|
|
|
149
|
-
**What this does:** Stops
|
|
149
|
+
**What this does:** Stops OpenClaw from announcing itself via mDNS/Bonjour.
|
|
150
150
|
|
|
151
151
|
Add to your shell config (`~/.zshrc` or `~/.bashrc`):
|
|
152
152
|
|
|
@@ -189,7 +189,7 @@ sudo apt-get install -y nodejs
|
|
|
189
189
|
|
|
190
190
|
## Step 6: Set Up Tailscale (Remote Access)
|
|
191
191
|
|
|
192
|
-
**What this does:** Creates encrypted tunnel between your devices. Access
|
|
192
|
+
**What this does:** Creates encrypted tunnel between your devices. Access OpenClaw from anywhere without public exposure.
|
|
193
193
|
|
|
194
194
|
**Install Tailscale:**
|
|
195
195
|
|
|
@@ -202,7 +202,7 @@ sudo tailscale up
|
|
|
202
202
|
brew install tailscale
|
|
203
203
|
```
|
|
204
204
|
|
|
205
|
-
**Configure
|
|
205
|
+
**Configure OpenClaw for Tailscale:**
|
|
206
206
|
|
|
207
207
|
```json
|
|
208
208
|
{
|
|
@@ -329,7 +329,7 @@ Original article: https://x.com/nickspisak_/status/2016195582180700592
|
|
|
329
329
|
## Installation
|
|
330
330
|
|
|
331
331
|
```bash
|
|
332
|
-
clawdhub install NextFrontierBuilds/moltbot-security
|
|
332
|
+
clawdhub install NextFrontierBuilds/moltbot, openclaw-security
|
|
333
333
|
```
|
|
334
334
|
|
|
335
335
|
Built by [@NextXFrontier](https://x.com/NextXFrontier)
|
package/package.json
CHANGED
|
@@ -1,11 +1,12 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "moltbot-security",
|
|
3
|
-
"version": "1.0.
|
|
4
|
-
"description": "Security hardening guide for Moltbot/
|
|
3
|
+
"version": "1.0.2",
|
|
4
|
+
"description": "Security hardening guide for Moltbot/OpenClaw. Lock down gateway, fix permissions, set up auth, configure firewalls. Based on real vulnerability research.",
|
|
5
5
|
"main": "SKILL.md",
|
|
6
6
|
"keywords": [
|
|
7
7
|
"moltbot",
|
|
8
|
-
"
|
|
8
|
+
"openclaw",
|
|
9
|
+
"openclaw",
|
|
9
10
|
"security",
|
|
10
11
|
"hardening",
|
|
11
12
|
"gateway",
|