# Security audit tool for OpenClaw configurations

```bash
npm install @token-security/clawdit
```

> Security audit tool for OpenClaw configurations. Find misconfigurations before attackers do.
- Auto-discovery - Finds config files in standard locations
- 35 security checks - Across 8 categories (network, auth, execution, secrets, and more)
- CI/CD ready - JSON output with structured exit codes
- Stdin support - Pipe configs directly for scripting
- Zero config - Works out of the box
```bash
$ clawdit
clawdit v0.1.0
Scanning: /home/user/.openclaw/openclaw.json

HIGH NET-001 Gateway binding to 0.0.0.0 exposes service to all interfaces
HIGH AUTH-002 No authentication configured for gateway
MED SEC-003 Config file has overly permissive permissions (0644)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Summary: 2 HIGH, 1 MEDIUM, 0 LOW (35 checks run)
```
## Installation

```bash
npm install -g @token-security/clawdit
```

Or from source:

```bash
git clone https://github.com/token-security/clawdit.git
cd clawdit && npm install && npm run build
npm install -g .
```

To uninstall:

```bash
npm uninstall -g @token-security/clawdit
```
## Usage

```bash
clawdit                       # Auto-discover config and audit
clawdit /path/to/config.json  # Audit specific file
clawdit -                     # Read from stdin
clawdit --format=json         # JSON output (default when piped)
clawdit --list-checks         # List all security checks
clawdit --severity=high       # Only show HIGH findings
clawdit --help                # Full options
```
## Security Checks

### Network (NET)

| ID | Severity | Description |
|----|----------|-------------|
| NET-001 | HIGH | Gateway bound to all interfaces |
| NET-002 | MEDIUM | Non-default gateway port |
| NET-003 | LOW | Gateway bound to tailnet without token auth |

### Authentication (AUTH)

| ID | Severity | Description |
|----|----------|-------------|
| AUTH-001 | HIGH | Device authentication disabled |
| AUTH-002 | HIGH | Insecure auth fallback enabled |
| AUTH-003 | HIGH | No gateway authentication configured |
| AUTH-004 | MEDIUM | Trusted proxies includes non-private IPs |
| AUTH-005 | MEDIUM | Hooks token not configured |
| AUTH-006 | MEDIUM | Node pairing credentials exposed |
| AUTH-007 | LOW | Missing trusted proxies configuration |

### Execution (EXEC)

| ID | Severity | Description |
|----|----------|-------------|
| EXEC-001 | HIGH | Exec security set to full |
| EXEC-002 | HIGH | Sandbox disabled for all sessions |
| EXEC-003 | HIGH | Elevated mode enabled without restrictions |
| EXEC-004 | MEDIUM | Exec approval fallback not set to deny |
| EXEC-005 | MEDIUM | Sandbox only protects non-main sessions |
| EXEC-006 | HIGH | Sandbox scope enables cross-agent access |
| EXEC-007 | MEDIUM | Workspace access too permissive |

### Secrets (SEC)

| ID | Severity | Description |
|----|----------|-------------|
| SEC-001 | HIGH | API keys hardcoded in config |
| SEC-002 | HIGH | Configuration file is world-readable |
| SEC-003 | HIGH | Credentials directory exposed |
| SEC-004 | MEDIUM | .env file is readable by other users |
| SEC-005 | MEDIUM | Session transcripts exposed |
| SEC-006 | LOW | Log redaction disabled |
| SEC-007 | LOW | No custom redact patterns |
| SEC-008 | MEDIUM | State directory has insecure permissions |

### Discovery (DISC)

| ID | Severity | Description |
|----|----------|-------------|
| DISC-001 | MEDIUM | mDNS full mode exposes system info |
| DISC-002 | LOW | mDNS enabled (information disclosure) |

### Channels (CHAN)

| ID | Severity | Description |
|----|----------|-------------|
| CHAN-001 | HIGH | Open DM policy without allowlist |
| CHAN-002 | MEDIUM | Group policy not set to allowlist |
| CHAN-003 | LOW | Require mention disabled in groups |
| CHAN-004 | MEDIUM | DM session isolation disabled |
| CHAN-005 | LOW | Verbose/reasoning enabled in groups |

### Model (MODEL)

| ID | Severity | Description |
|----|----------|-------------|
| MODEL-001 | LOW | Weak model with tools enabled |

### Plugins (PLUG)

| ID | Severity | Description |
|----|----------|-------------|
| PLUG-001 | MEDIUM | Plugins without explicit allowlist |
| PLUG-002 | MEDIUM | Plugin directory permissions exposed |

Check the exit code in scripts:

```bash
clawdit config.json && echo "All clear" || echo "Issues found: $?"
```
## Exit Codes

| Code | Meaning |
|------|---------|
| 0 | All checks passed |
| 1 | HIGH severity findings |
| 2 | MEDIUM severity findings |
| 3 | LOW severity findings |
| 10+ | Configuration/runtime errors |
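
These codes make clawdit easy to gate a pipeline on, provided a runtime error (10+) is never mistaken for a clean run. The POSIX sh wrapper below is an added example, not part of the clawdit project; it assumes `clawdit` is on PATH and uses the exit codes exactly as tabulated above.

```shell
# Added example (not part of clawdit): a CI gate over clawdit's documented
# exit codes. 0 = clean, 1 = HIGH, 2 = MEDIUM, 3 = LOW (worst finding present),
# 10+ = the scanner itself failed and nothing was audited.
#
# Usage: clawdit_gate THRESHOLD CMD [ARGS...]
#   THRESHOLD is high|medium|low: the least severe finding that fails the job.
#   CMD is normally "clawdit [--format=json] <config>"; stdout passes through,
#   so a JSON report can be kept with a redirect, e.g.
#   clawdit_gate medium clawdit --format=json ~/.openclaw/openclaw.json > report.json
# Returns 0 to let the pipeline continue, 1 to fail it.

severity_rank() {
  # Map a threshold name to the clawdit exit code that reports that severity.
  case "$1" in
    high)   echo 1 ;;
    medium) echo 2 ;;
    low)    echo 3 ;;
    *) echo "clawdit_gate: unknown threshold '$1' (use high|medium|low)" >&2; return 1 ;;
  esac
}

clawdit_gate() {
  threshold="$1"; shift
  max_rank=$(severity_rank "$threshold") || return 1
  # Run inside a conditional so a non-zero exit is captured instead of
  # aborting the job when the caller has `set -e` enabled.
  if "$@"; then rc=0; else rc=$?; fi

  if [ "$rc" -eq 0 ]; then
    echo "clawdit_gate: no findings" >&2
    return 0
  fi
  # 10+ means the config was never audited: fail closed rather than pass.
  if [ "$rc" -ge 10 ]; then
    echo "clawdit_gate: scanner error, exit $rc (config not audited)" >&2
    return 1
  fi
  if [ "$rc" -gt 3 ]; then
    echo "clawdit_gate: undocumented exit code $rc, failing closed" >&2
    return 1
  fi
  # Lower code = more severe, so rc <= max_rank is at or above the threshold.
  if [ "$rc" -le "$max_rank" ]; then
    echo "clawdit_gate: findings at or above '$threshold' (exit $rc)" >&2
    return 1
  fi
  echo "clawdit_gate: only findings below '$threshold' (exit $rc), passing" >&2
  return 0
}
```

Because stdout is left untouched, `clawdit_gate medium clawdit --format=json config.json > report.json` both enforces the policy and archives the JSON findings as a build artifact.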

## Versioning

This project follows Semantic Versioning:

| Version Bump | When to Use | Example |
|--------------|-------------|---------|
| MAJOR (x.0.0) | Breaking changes: removed checks, changed exit codes, incompatible CLI flags | 1.0.0 → 2.0.0 |
| MINOR (0.x.0) | New features: new checks, new output formats, new CLI options | 0.1.0 → 0.2.0 |
| PATCH (0.0.x) | Bug fixes: fixed false positives, documentation updates | 0.1.0 → 0.1.1 |

To release a new version:

```bash
npm version patch|minor|major
git push --follow-tags
npm publish --access public
```

## Contributing

PRs welcome! Please run `npm test` before submitting. See CONTRIBUTING.md for guidelines and CLAUDE.md for architecture details.

## License

MIT - Token Security