prompt-security/clawsec: A complete security skill suite for OpenClaw’s family of agents. Protect your SOUL.md (etc.) with drift detection, live security recommendations, automated audits, and skill integrity verification. All from one installable suite.



Secure Your OpenClaw Bots with a Complete Security Skill Suite



ClawSec is a complete security skill suite for the OpenClaw family of agents (Moltbot, Clawdbot, some clones). It provides a unified installer that deploys, verifies, and maintains security skills, protecting your agent’s cognitive architecture against prompt injection, drift, and malicious instructions.

  • 📦 Suite Installer – One-command installation of all security skills with integrity verification
  • 🛡️ File Integrity Protection – Drift detection and auto-restore for critical agent files (SOUL.md, IDENTITY.md, etc.)
  • 📡 Live Security Advisories – Automated NVD CVE polling and community threat intelligence
  • Security Audits – Self-check scripts to detect prompt injection markers and vulnerabilities
  • Checksum Verification – SHA256 checksums for all skill artifacts
  • Health Checks – Automated updates and integrity verification for all installed skills

# Fetch and install the ClawSec security suite
curl -sL https://clawsec.prompt.security/releases/latest/download/SKILL.md

The skill file contains deployment instructions. Your agent will:

  1. Detect its agent family (OpenClaw/MoltBot/ClawdBot or other)
  2. Install appropriate skills from the catalog
  3. Verify integrity using checksums
  4. Set up cron update checks

Copy this instruction to your AI agent:

Read https://clawsec.prompt.security/releases/latest/download/SKILL.md and follow the instructions to install the protection skill suite.


The clawsec-suite is a skill-of-skills manager that installs, verifies, and maintains security skills from the ClawSec catalog.

| Skill | Description | Installation | Compatibility |
|---|---|---|---|
| 📡 clawsec-feed | Security advisory feed monitoring with live CVE updates | ✅ Included by default | All agents |
| 🔭 openclaw-audit-watchdog | Automated daily audits with email reporting | ✅ Included by default | OpenClaw/MoltBot/ClawdBot |
| 👻 soul-guardian | Drift detection and file integrity guard with auto-restore | ⚙️ Optional | All agents |
| 🤝 clawtributor | Community incident reporting | ❌ Optional (Explicit request) | All agents |

⚠️ clawtributor is not installed by default as it may share anonymized incident data. Install only on explicit user request.

⚠️ openclaw-audit-watchdog is tailored for the OpenClaw/MoltBot/ClawdBot agent family. Other agents receive the universal skill set.

  • Integrity Verification – Every skill package includes checksums.json with SHA256 hashes
  • Updates – Automatic checks for new skill versions
  • Self-Healing – Failed integrity checks trigger automatic re-download from trusted releases
  • Advisory Cross-Reference – Installed skills are checked against the security advisory feed

📡 Security Advisory Feed

ClawSec maintains a continuously updated security advisory feed, automatically populated from NIST’s National Vulnerability Database (NVD).

# Fetch latest advisories
curl -s https://clawsec.prompt.security/advisories/feed.json | jq '.advisories[] | select(.severity == "critical" or .severity == "high")'

The feed polls CVEs related to:

  • OpenClaw
  • clawdbot
  • Moltbot
  • Prompt injection patterns
  • Agent security vulnerabilities

NVD CVE Advisory:

{
  "id": "CVE-2026-XXXXX",
  "severity": "critical|high|medium|low",
  "type": "vulnerable_skill",
  "title": "Short description",
  "description": "Full CVE description from NVD",
  "published": "2026-02-01T00:00:00Z",
  "cvss_score": 8.8,
  "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-XXXXX",
  "references": ["..."],
  "action": "Recommended remediation"
}

Community Advisory:

{
  "id": "CLAW-2026-0042",
  "severity": "high",
  "type": "prompt_injection|vulnerable_skill|tampering_attempt",
  "title": "Short description",
  "description": "Detailed description from issue",
  "published": "2026-02-01T00:00:00Z",
  "affected": ["skill-name@1.0.0"],
  "source": "Community Report",
  "github_issue_url": "https://github.com/.../issues/42",
  "action": "Recommended remediation"
}
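The advisory cross-reference described earlier, applied to the two advisory shapes above. This is an added example, not ClawSec's own code: the sample feed and the `CLAW-EXAMPLE-*` ids are constructed, and exact-string version matching plus "no `@version` means every version" are assumptions.

```python
import json

SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

# Constructed sample feed: same fields as the two advisory shapes above.
SAMPLE_FEED = json.loads("""
{"advisories": [
  {"id": "CVE-2026-XXXXX", "severity": "critical", "type": "vulnerable_skill",
   "title": "constructed NVD-style entry (no affected list)"},
  {"id": "CLAW-2026-0042", "severity": "high", "type": "prompt_injection",
   "title": "constructed", "affected": ["skill-name@1.0.0"]},
  {"id": "CLAW-EXAMPLE-A", "severity": "low", "type": "tampering_attempt",
   "title": "constructed", "affected": ["skill-name@1.0.0"]},
  {"id": "CLAW-EXAMPLE-B", "severity": "HIGH", "type": "vulnerable_skill",
   "title": "constructed", "affected": ["other-skill@2.0.0", "unversioned-skill"]}
]}
""")


def cross_reference(feed: dict, installed: dict, min_severity: str = "high"):
    """Return (matched, unscoped) for installed = {skill name: version}.

    Assumptions (not project behaviour): versions compare as exact strings,
    and an affected entry without "@version" covers every version.
    """
    threshold = SEVERITY_RANK[min_severity]
    matched, unscoped = [], []
    for adv in feed.get("advisories", []):
        # Unknown severity strings rank as critical: fail closed.
        rank = SEVERITY_RANK.get(str(adv.get("severity", "")).lower(), 0)
        if rank > threshold:
            continue
        affected = adv.get("affected")
        if not affected:
            # NVD-style entries carry no affected list: flag for manual review.
            unscoped.append(adv["id"])
            continue
        for entry in affected:
            name, _, version = entry.partition("@")
            if name in installed and version in ("", installed[name]):
                matched.append((rank, adv["id"], name, installed[name]))
    matched.sort()
    return [m[1:] for m in matched], unscoped


def demo():
    installed = {"skill-name": "1.0.0", "other-skill": "2.1.0", "unversioned-skill": "0.3.0"}
    return cross_reference(SAMPLE_FEED, installed)
```

Advisories with no `affected` list are returned separately because they cannot be matched automatically; dropping them would hide exactly the NVD entries the feed is built from.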

ClawSec uses automated pipelines for continuous security updates and skill distribution.

| Workflow | Trigger | Description |
|---|---|---|
| poll-nvd-cves.yml | Daily cron (06:00 UTC) | Polls NVD for new CVEs, updates feed |
| community-advisory.yml | Issue labeled advisory-approved | Processes community reports into advisories |
| skill-release.yml | -v*.*.* tags | Packages individual skills with checksums to GitHub Releases |
| deploy-pages.yml | Push to main | Builds and deploys the web interface to GitHub Pages |

When a skill is tagged (e.g., soul-guardian-v1.0.0), the pipeline:

  1. Validates – Checks skill.json version matches tag
  2. Generates Checksums – Creates checksums.json with SHA256 hashes for all SBOM files
  3. Releases – Publishes to GitHub Releases with all artifacts
  4. Supersedes Old Releases – Marks older versions (same major) as pre-releases
  5. Triggers Pages Update – Refreshes the skills catalog on the website

Release Versioning & Superseding

ClawSec follows semantic versioning. When a new version is released:

| Scenario | Behavior |
|---|---|
| New patch/minor (e.g., 1.0.1, 1.1.0) | Previous releases with same major version are deleted |
| New major (e.g., 2.0.0) | Previous major version (1.x.x) remains for backwards compatibility |

Why do old releases disappear?

When you release skill-v0.0.2, the previous skill-v0.0.1 release is automatically deleted to keep the releases page clean. Only the latest version within each major version is retained.

  • Git tags are preserved – You can always recreate a release from an existing tag if needed
  • Major versions coexist – Both skill-v1.x.x and skill-v2.x.x latest releases remain available for backwards compatibility

Each skill release includes:

  • checksums.json – SHA256 hashes for integrity verification
  • skill.json – Skill metadata
  • SKILL.md – Main skill documentation
  • Additional files from SBOM (scripts, configs, etc.)
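One way to check an unpacked skill folder against its `checksums.json`, as an added example rather than ClawSec's own verifier. The manifest layout `{"files": {path: sha256}}` is an assumption, since the page does not show the real schema, and the demo folder is constructed.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def verify_skill(skill_dir: Path, manifest_name: str = "checksums.json") -> dict:
    """Check skill_dir against its manifest; assumed layout (not the project's):
    {"files": {"relative/path": "<sha256 hex>"}}"""
    root = skill_dir.resolve()
    expected = json.loads((root / manifest_name).read_text())["files"]
    report = {"ok": [], "mismatch": [], "missing": [], "unsafe": [], "unlisted": []}
    for rel, want in expected.items():
        target = (root / rel).resolve()
        # Reject entries that escape the skill folder (absolute paths, "..").
        if not target.is_relative_to(root):
            report["unsafe"].append(rel)
        elif not target.is_file():
            report["missing"].append(rel)
        elif sha256_file(target) != want.lower():
            report["mismatch"].append(rel)
        else:
            report["ok"].append(rel)
    # Files on disk that the manifest does not cover are unverified content.
    on_disk = {p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file()}
    report["unlisted"] = sorted(on_disk - set(expected) - {manifest_name})
    report["trusted"] = not any(report[k] for k in ("mismatch", "missing", "unsafe", "unlisted"))
    return report


def demo() -> dict:
    """Build a constructed skill folder, tamper with it, then verify it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "SKILL.md").write_text("# demo skill\n")
        (root / "skill.json").write_text('{"name": "demo", "version": "1.0.0"}')
        files = {n: sha256_file(root / n) for n in ("SKILL.md", "skill.json")}
        files["../outside.txt"] = "0" * 64                    # traversal entry
        (root / "checksums.json").write_text(json.dumps({"files": files}))
        (root / "SKILL.md").write_text("# demo skill\ntampered\n")   # drift
        (root / "extra.sh").write_text("echo unlisted\n")     # not in manifest
        return verify_skill(root)
```

A manifest downloaded from the same release as the files it lists detects corruption and local drift, not a compromised release; that needs the manifest hash or a signature obtained out of band.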

ClawSec includes Python utilities for local skill development and validation.

Validates a skill folder against the required schema:

python utils/validate_skill.py skills/clawsec-feed

Checks:

  • skill.json exists and is valid JSON
  • Required fields present (name, version, description, author, license)
  • SBOM files exist and are readable
  • OpenClaw metadata is properly structured

Skill Checksums Generator

Generates checksums.json with SHA256 hashes for a skill:

python utils/package_skill.py skills/clawsec-feed ./dist

Outputs:

  • checksums.json – SHA256 hashes for verification

🛠️ Local Development

  • Node.js 20+
  • Python 3.10+ (for offline tools)
  • npm

# Install dependencies
npm install

# Start development server
npm run dev

# Populate skills catalog from local skills/ directory
./scripts/populate-local-skills.sh

# Populate advisory feed with real NVD CVE data
./scripts/populate-local-feed.sh --days 120

├── advisories/
│   └── feed.json              # Main advisory feed (auto-updated from NVD)
├── components/                 # React components
├── pages/                      # Page components
├── scripts/
│   ├── populate-local-feed.sh # Local CVE feed populator
│   ├── populate-local-skills.sh # Local skills catalog populator
│   └── release-skill.sh       # Manual skill release helper
├── skills/
│   ├── clawsec-suite/       # 📦 Suite installer (skill-of-skills)
│   ├── clawsec-feed/        # 📡 Advisory feed skill
│   ├── clawtributor/           # 🤝 Community reporting skill
│   ├── openclaw-audit-watchdog/ # 🔭 Automated audit skill
│   └── soul-guardian/         # 👻 File integrity skill
├── utils/
│   ├── package_skill.py       # Skill packager utility
│   └── validate_skill.py      # Skill validator utility
├── .github/workflows/
│   ├── poll-nvd-cves.yml      # CVE polling pipeline
│   ├── skill-release.yml      # Skill release pipeline
│   └── deploy-pages.yml       # Pages deployment
└── public/                     # Static assets and published skills

We welcome contributions! See CONTRIBUTING.md for guidelines.

Submitting Security Advisories

Found a prompt injection vector, malicious skill, or security vulnerability? Report it via GitHub Issues:

  1. Open a new issue using the Security Incident Report template
  2. Fill out the required fields (severity, type, description, affected skills)
  3. A maintainer will review and add the advisory-approved label
  4. The advisory is automatically published to the feed as CLAW-{YEAR}-{ISSUE#}

See CONTRIBUTING.md for detailed guidelines.

  1. Create a skill folder under skills/
  2. Add skill.json with required metadata and SBOM
  3. Add SKILL.md with agent-readable instructions
  4. Validate with python utils/validate_skill.py skills/your-skill
  5. Submit a PR for review

  • Source code: MIT License – See LICENSE for details.
  • Fonts in font/: Licensed separately – See font/README.md.

ClawSec · Prompt Security, SentinelOne

🦞 Hardening agentic workflows, one skill at a time.


