Open
Summary
I'd like to propose integrating OpenClaw Security Guard with the OpenClaw trust/threat model.
What is OpenClaw Security Guard?
An open-source CLI tool + live dashboard that audits and hardens OpenClaw installations. It covers:
- Secrets scanning -- 15+ API key formats + Shannon entropy analysis
- Config auditing -- sandbox mode, DM policy, gateway binding, rate limiting
- Prompt injection detection -- 50+ patterns in workspace files and skills
- MCP server verification -- allowlist-based auditing
- npm dependency scanning -- CVE detection
It also provides a real-time security dashboard, auto-hardening with backup, and pre-commit hooks.
Repo: https://github.com/2pidata/openclaw-security-guard
How it relates to the trust model
The Security Guard scanner categories map directly to threat vectors in the OpenClaw threat model:
| Threat Vector | Security Guard Coverage |
|---|---|
| Secret exposure in config/skills | Secrets Scanner (pattern + entropy) |
| Insecure default configuration | Config Auditor (sandbox, DM, gateway) |
| Prompt injection in workspace | Prompt Injection Detector (50+ patterns) |
| Untrusted MCP servers | MCP Server Auditor (allowlist) |
| Vulnerable dependencies | Dependency Scanner (npm audit) |
Proposal
- Reference Security Guard as a community tool in the trust documentation
- Align scanner categories with the official threat model taxonomy
- Collaborate on detection patterns, especially for prompt injection
I'm happy to adapt the tool to better fit the official threat model structure.
Zero telemetry, MIT licensed, 100% local operation.
-- Miloud Belarebia (@miloudbelarebia) / 2PiData
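
The "pattern + entropy" approach named in the Secrets Scanner row above, as an added example that is not part of the original issue and is not OpenClaw Security Guard code. The two format rules, the 4.0 bits-per-character threshold, and the sample config are assumptions chosen for the illustration.

```javascript
// Added example, not OpenClaw Security Guard code. Rules and threshold are assumptions.
const PATTERNS = [
  { rule: 'aws-access-key-id', re: /\bAKIA[0-9A-Z]{16}\b/g },
  { rule: 'github-pat', re: /\bghp_[A-Za-z0-9]{36}\b/g },
];
const CANDIDATE = /[A-Za-z0-9+\/=_-]{20,}/g; // long token worth an entropy check
const ENTROPY_THRESHOLD = 4.0;               // bits per character (assumed cutoff)

// Shannon entropy of a string, in bits per character.
function shannonEntropy(s) {
  const chars = Array.from(s);
  const counts = new Map();
  for (const ch of chars) counts.set(ch, (counts.get(ch) || 0) + 1);
  let h = 0;
  for (const n of counts.values()) {
    const p = n / chars.length;
    h -= p * Math.log2(p);
  }
  return h;
}

// Never echo a full secret into scanner output.
const redact = (s) => s.slice(0, 4) + '*'.repeat(s.length - 4);

function scanText(text) {
  const findings = [];
  text.split('\n').forEach((line, i) => {
    const known = new Set();
    for (const { rule, re } of PATTERNS) {
      for (const m of line.matchAll(re)) {
        known.add(m[0]);
        findings.push({ line: i + 1, rule, match: redact(m[0]) });
      }
    }
    for (const m of line.matchAll(CANDIDATE)) {
      if (known.has(m[0])) continue; // already reported by a format rule
      if (shannonEntropy(m[0]) >= ENTROPY_THRESHOLD) {
        findings.push({ line: i + 1, rule: 'high-entropy', match: redact(m[0]) });
      }
    }
  });
  return findings;
}

// Constructed sample config: AWS's documented example key, a made-up token, a placeholder.
const SAMPLE = [
  'aws_key = "AKIAIOSFODNN7EXAMPLE"',
  'gateway_token = "q7Zp2LmX9vB4nK8sR1tY6wE3uH5jD0cF"',
  'password = "changeme-changeme-changeme"',
].join('\n');
```

On the sample, the AWS example key scores about 3.68 bits per character and is caught only by its format rule, while the unknown-format token is caught only by the entropy pass. The repeated placeholder password stays below the threshold and is not reported.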