
Skill details (site mirror, no comments)


Credential lifecycle security for agent workspaces. Audit credential exposure, detect misconfigured permissions, inventory all secrets, and identify stale credentials needing rotation. Free alert layer — upgrade to openclaw-vault-pro for automated remediation, credential rotat…

Media and content

License: MIT-0

MIT-0 · Free to use, modify and redistribute. No attribution required.

Version: v1.0.2

Stats: ⭐ 5 · 1.3k · 4 current installs · 4 all-time installs


🛡 Security scan (ClawHub): VirusTotal: benign · OpenClaw: suspicious

Package: atlaspa/openclaw-vault


OpenClaw assessment

The skill's stated read-only audit purpose mostly fits the included code, but there are undocumented/extra filesystem-modifying commands (quarantine, fix-permissions, protect) and some minor documentation mismatches that warrant caution before use.

Purpose

Name/description (credential lifecycle auditing) matches the shipped script's capabilities (scanning permissions, history, git, configs, docker, staleness). Requiring only python3 is proportionate. However the repository and README advertise additional remediation/automation features and the included script exposes commands to change files (fix-permissions, quarantine, protect) that go beyond the read-only audit commands shown in SKILL.md's Co…

Scope of instructions

SKILL.md instructs running audit/exposure/inventory/status and documents local-only operation. The script itself (vault.py) includes additional subcommands that can modify or move files (fix-permissions, quarantine, unquarantine, protect, rotate-check, gitguard). The skill auto-detects a workspace via OPENCLAW_WORKSPACE / cwd / ~/.openclaw/workspace and will scan sensitive locations (shell histories, git, configs) — this is expected for an aud…

Install mechanism

No install spec — instruction-only with an included Python script. That is low-risk relative to arbitrary network installs. The code claims to use only Python stdlib and the file headers/imports shown are consistent with local-only operation (no obvious network libraries).

Credentials

The skill declares no required credentials or env vars. It does optionally read OPENCLAW_WORKSPACE for workspace auto-detection (documented in SKILL.md), which is reasonable. No unexpected cloud credentials or unrelated secrets are requested.

Persistence

always:false (no forced persistent inclusion). The script can write to the filesystem (quarantine, fix-permissions, protect); those side-effectful commands are appropriate for remediation features but increase risk if invoked inadvertently. There's no evidence the skill modifies other skills or global agent configs.

Install (copy to 龙虾 AI)

Copy the whole block below into a 龙虾中文库 chat; 龙虾 AI will complete the installation according to SKILL.md.

Please hand this block to 龙虾中文库 (龙虾 AI) to execute: install the OpenClaw skill "Openclaw Vault" on this machine. Summary: Credential lifecycle security for agent workspaces. Audit credential exposure, …
Please fetch the following URL, read SKILL.md and complete the installation as documented: https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/atlaspa/openclaw-vault/SKILL.md
(Source: yingzhi8.cn skill library)

SKILL.md

Open the original SKILL.md (GitHub raw)

---
name: openclaw-vault
user-invocable: true
metadata: {"openclaw":{"emoji":"🔐","requires":{"bins":["python3"]},"os":["darwin","linux","win32"]}}
---

# OpenClaw Vault

Protects your credential lifecycle — not just finding secrets in source code (that's what Sentry does), but tracking how credentials are exposed through services, permissions, history, configs, containers, and time.

## Why This Matters

Credentials don't just leak through source code. They leak through:
- **Permissions** — .env files readable by every user on the system
- **Shell history** — passwords and tokens visible in `.bash_history`
- **Git config** — credentials embedded in remote URLs
- **Config files** — hardcoded secrets in JSON/YAML/TOML/INI configs
- **Log files** — tokens accidentally logged during debugging
- **Docker configs** — secrets baked into container images
- **Staleness** — credentials that haven't been rotated in months

This skill watches the full credential lifecycle. Sentry finds secrets in files. Vault finds secrets that are *exposed*.


## Commands

### Full Credential Audit

Comprehensive credential exposure audit: permission checks, shell history, git config, config file scanning, log file scanning, gitignore coverage, and staleness detection.

```bash
python3 {baseDir}/scripts/vault.py audit --workspace /path/to/workspace
```

### Exposure Check

Detect credential exposure vectors: misconfigured permissions, public directory exposure, git history risks, Docker credential embedding, shell alias leaks, and URL query parameter credentials in code.

```bash
python3 {baseDir}/scripts/vault.py exposure --workspace /path/to/workspace
```

### Credential Inventory

Build a structured inventory of all credential files in the workspace. Categorizes by type (API key, database URI, token, certificate, SSH key, password), tracks age, and flags stale or exposed credentials.

```bash
python3 {baseDir}/scripts/vault.py inventory --workspace /path/to/workspace
```

### Quick Status

One-line summary: credential count, exposure count, staleness warnings.

```bash
python3 {baseDir}/scripts/vault.py status --workspace /path/to/workspace
```

## Workspace Auto-Detection

If `--workspace` is omitted, the script tries:
1. `OPENCLAW_WORKSPACE` environment variable
2. Current directory (if AGENTS.md exists)
3. `~/.openclaw/workspace` (default)

## What It Checks

| Category | Details |
|----------|---------|
| **Permissions** | .env files with world-readable or group-readable permissions |
| **Shell History** | Credentials in .bash_history, .zsh_history, .python_history, etc. |
| **Git Config** | Credentials embedded in git remote URLs, plaintext credential helpers |
| **Config Files** | Hardcoded secrets in JSON, YAML, TOML, INI config files |
| **Log Files** | Credentials accidentally logged in .log files |
| **Gitignore** | Missing patterns for .env, *.pem, *.key, credentials.json, etc. |
| **Staleness** | Credential files older than 90 days that may need rotation |
| **Public Dirs** | Credential files in public/, static/, www/, dist/, build/ |
| **Git History** | Credential files in git repos that may be committed |
| **Docker** | Secrets hardcoded in Dockerfile and docker-compose configs |
| **Shell RC** | Credentials in .bashrc, .zshrc, .profile aliases |
| **URL Params** | API keys/tokens passed in URL query strings in code |

## Exit Codes

- `0` — Clean, no issues
- `1` — Warnings detected (review needed)
- `2` — Critical exposure detected (action needed)
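As an added illustration, not the skill's own vault.py (which this page does not show), here is a small Python sketch of three things SKILL.md documents: the workspace auto-detection order, the .env permission and 90-day staleness checks from the table, and the 0/1/2 exit-code mapping. Function names, the `demo` sample workspace and the finding messages are assumptions made for this example.

```python
import os, stat, tempfile, time
from pathlib import Path

def detect_workspace(env, cwd, home):
    # Documented fallback order: OPENCLAW_WORKSPACE, cwd containing AGENTS.md, ~/.openclaw/workspace
    if env.get("OPENCLAW_WORKSPACE"):
        return Path(env["OPENCLAW_WORKSPACE"])
    if (Path(cwd) / "AGENTS.md").is_file():
        return Path(cwd)
    return Path(home) / ".openclaw" / "workspace"

def check_permissions(path):
    # World-readable is critical, group-readable a warning, owner-only is clean
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & (stat.S_IROTH | stat.S_IRGRP):
        level = "critical" if mode & stat.S_IROTH else "warning"
        return (level, f"{path}: readable beyond owner (mode {mode:o})")
    return None

def check_staleness(path, now=None):
    # The table flags credential files older than 90 days as rotation candidates
    age_days = ((time.time() if now is None else now) - path.stat().st_mtime) / 86400
    if age_days > 90:
        return ("warning", f"{path}: unchanged for {int(age_days)} days, rotation due")
    return None

def audit(workspace, now=None):
    # Only .env-style files are covered here; the real script scans many more locations
    findings = []
    for p in Path(workspace).rglob(".env*"):
        if p.is_file():
            findings += [f for f in (check_permissions(p), check_staleness(p, now)) if f]
    return findings

def exit_code(findings):
    # Documented exit codes: 0 clean, 1 warnings, 2 critical exposure
    levels = {level for level, _ in findings}
    return 2 if "critical" in levels else 1 if "warning" in levels else 0

def demo():
    # Constructed sample workspace (assumption, not from the skill): one exposed .env, one stale private one
    ws = Path(tempfile.mkdtemp())
    exposed, stale = ws / ".env", ws / "config" / ".env.prod"
    stale.parent.mkdir()
    for p, mode in ((exposed, 0o644), (stale, 0o600)):
        p.write_text("SECRET=placeholder\n")
        p.chmod(mode)
    old = time.time() - 120 * 86400
    os.utime(stale, (old, old))
    findings = audit(ws)
    return findings, exit_code(findings)
```

Running `demo()` on a POSIX system yields one critical finding (the world-readable .env) and one warning (the 120-day-old .env.prod), so the process would exit with code 2.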

## No External Dependencies

Python standard library only. No pip install. No network calls. Everything runs locally.

## Cross-Platform

Works with OpenClaw, Claude Code, Cursor, and any tool using the Agent Skills specification.