forked from Selig/openclaw-skill
Initial commit: OpenClaw Skill Collection
6 custom skills (assign-task, dispatch-webhook, daily-briefing, task-capture, qmd-brain, tts-voice) with technical documentation. Compatible with Claude Code, OpenClaw, Codex CLI, and OpenCode.
This commit is contained in:
21
openclaw-knowhow-skill/docs/reference/cli/security.md
Normal file
21
openclaw-knowhow-skill/docs/reference/cli/security.md
Normal file
@@ -0,0 +1,21 @@
|
||||
# security
|
||||
|
||||
# `openclaw security`
|
||||
|
||||
Security tools (audit + optional fixes).
|
||||
|
||||
Related:
|
||||
|
||||
* Security guide: [Security](/gateway/security)
|
||||
|
||||
## Audit
|
||||
|
||||
```bash
|
||||
openclaw security audit
|
||||
openclaw security audit --deep
|
||||
openclaw security audit --fix
|
||||
```
|
||||
|
||||
The audit warns when multiple DM senders share the main session and recommends **secure DM mode**: `session.dmScope="per-channel-peer"` (or `per-account-channel-peer` for multi-account channels) for shared inboxes.
|
||||
|
||||
It also warns when small models (`<=300B`) are used without sandboxing and with web/browser tools enabled.
|
||||
Reference in New Issue
Block a user