Automated daily security audits for OpenClaw agents with formatted email and DM reporting.
Works with
Runs standard and deep security audits via openclaw security audit commands, collecting findings by severity (critical, warning, info)
Configures a daily cron job (default 23:00) with timezone support, delivering summarized reports to Telegram, Slack, email, or other DM channels
Supports environment variable provisioning for MDM/automated deployments, with minimal interactive prompts as fallbac
AI-first code editor with Composer
Before installing skills in Cursor, ensure your development environment meets these requirements:
node --versionopenclaw-audit-watchdogExecute the skills CLI command in your project's root directory to begin installation:
Fetches openclaw-audit-watchdog from prompt-security/clawsec and configures it for Cursor.
The CLI shows a list of agents. Use arrow keys and space to select Cursor:
Confirm successful installation by checking the skill directory location:
Restart Cursor to activate openclaw-audit-watchdog. Access via /openclaw-audit-watchdog in your agent's command palette.
We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.
Skills execute code in your environment. Always review source, verify the publisher, and test in isolation before production.
Submit your Claude Code skill and start earning
Create detailed user stories, acceptance criteria, and feature specs
Example
Generate user stories for 'password reset feature' with acceptance criteria, edge cases, and test scenarios
Reduce spec writing time by 50%, ensure comprehensive coverage
Research competitors, compare features, identify gaps
Example
Analyze 5 competitor products, create feature comparison matrix, suggest differentiation opportunities
Complete competitive research in 2 hours instead of 2 days
Evaluate features using frameworks (RICE, ICE, Kano) and create prioritized backlogs
Example
Score 20 feature ideas using RICE framework, generate prioritized roadmap with rationale
0
total installs
0
this week
883
GitHub stars
0
upvotes
Run in your terminal
0
installs
0
this week
883
stars
You can get openclaw-audit-watchdog in two ways:
If you've installed clawsec-suite, you may already have this!
Openclaw-audit-watchdog is bundled alongside ClawSec Suite to provide crucial automated security audit capabilities. When you install the suite, if you don't already have the audit watchdog installed, it will be deployed from the bundled copy.
Advantages:
~/.openclaw/skills/openclaw-audit-watchdog/Install openclaw-audit-watchdog independently without the full suite.
When to use standalone:
Advantages:
Continue below for standalone installation instructions.
Create (or update) a daily cron job that:
openclaw security audit --jsonopenclaw security audit --deep --jsonSummarizes findings (critical/warn/info + top findings)
Sends the report to:
Default schedule: daily at 23:00 (11pm) in the chosen timezone.
Delivery:
For automated/MDM deployments, set environment variables before invoking:
export PROMPTSEC_DM_CHANNEL="telegram"
export PROMPTSEC_DM_TO="@yourhandle"
export PROMPTSEC_TZ="America/New_York"
export PROMPTSEC_HOST_LABEL="prod-server-01"
# Then invoke the skill
/openclaw-audit-watchdog
The skill will automatically configure and create the cron job without prompts.
If environment variables aren't set, the skill will prompt minimally:
User: /openclaw-audit-watchdog
Agent: Setting up daily security audit watchdog...
What channel should I use for delivery? (e.g., telegram, slack)
User: telegram
Agent: What's the recipient ID or handle?
User: @myhandle
Agent: Which timezone for the 23:00 daily run? (default: UTC)
User: America/Los_Angeles
Agent: ✓ Created cron job "Daily security audit (Prompt Security)"
Schedule: Daily at 23:00 America/Los_Angeles
Delivery: telegram → @myhandle
If a job already exists, the skill updates it instead of creating duplicates:
User: /openclaw-audit-watchdog
Agent: Found existing "Daily security audit (Prompt Security)" job.
Current: Daily at 23:00 UTC → telegram:@oldhandle
Update delivery target? (current: telegram:@oldhandle)
User: slack:#security-alerts
Agent: ✓ Updated cron job
Schedule: Daily at 23:00 UTC
Delivery: slack:#security-alerts
Each day at the scheduled time, you'll receive a report like:
🔭 Daily Security Audit Report
Host: prod-server-01
Time: 2026-02-16 23:00:00 America/New_York
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
SUMMARY
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
✓ Standard Audit: 12 checks passed, 2 warnings
✓ Deep Audit: 8 probes passed, 1 critical
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
CRITICAL FINDINGS
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
[CRIT-001] Unencrypted API Keys Detected
→ Remediation: Move credentials to encrypted vault or use environment variables
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
WARNINGS
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
[WARN-003] Outdated Dependencies Found
→ Remediation: Run `openclaw security audit --fix` to update
[WARN-007] Weak Permission on Config File
→ Remediation: chmod 600 ~/.openclaw/config.json
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Run `openclaw security audit --deep` for full details.
Want a different schedule? Set it before invoking:
# Run every 6 hours instead of daily
export PROMPTSEC_SCHEDULE="0 */6 * * *"
/openclaw-audit-watchdog
For managing multiple servers, use different host labels:
# On dev server
export PROMPTSEC_HOST_LABEL="dev-01"
export PROMPTSEC_DM_TO="@dev-team"
/openclaw-audit-watchdog
# On prod server
export PROMPTSEC_HOST_LABEL="prod-01"
export PROMPTSEC_DM_TO="@oncall"
/openclaw-audit-watchdog
Each will send reports with clear host identification.
To suppress audit findings that have been reviewed and accepted, pass the --enable-suppressions flag and ensure the config file includes the "enabledFor": ["audit"] sentinel:
# Create or edit the suppression config
cat > ~/.openclaw/security-audit.json <<'JSON'
{
"enabledFor": ["audit"],
"suppressions": [
{
"checkId": "skills.code_safety",
"skill": "clawsec-suite",
"reason": "First-party security tooling — reviewed by security team",
"suppressedAt": "2026-02-15"
}
]
}
JSON
# Run with suppressions enabled
/openclaw-audit-watchdog --enable-suppressions
Suppressed findings still appear in the report under an informational section but are excluded from critical/warning totals.
The audit pipeline supports an opt-in suppression mechanism for managing reviewed findings. Suppression uses defense-in-depth activation: two independent gates must both be satisfied.
--enable-suppressions flag must be passed at invocation."enabledFor" with "audit" in the array.If either gate is absent, all findings are reported normally and the suppression list is ignored.
--config <path> argumentOPENCLAW_AUDIT_CONFIG environment variable~/.openclaw/security-audit.json.clawsec/allowlist.json{
"enabledFor": ["audit"],
"suppressions": [
{
"checkId": "skills.code_safety",
"skill": "clawsec-suite",
"reason": "First-party security tooling — reviewed by security team",
"suppressedAt": "2026-02-15"
}
]
}
"enabledFor": ["audit"] -- audit suppression active (requires --enable-suppressions flag too)"enabledFor": ["advisory"] -- only advisory pipeline suppression (no effect on audit)"enabledFor": ["audit", "advisory"] -- both pipelines honor suppressionsenabledFor -- no suppression active (safe default)skills.code_safety)Provisioning (MDM-friendly): prefer environment variables (no prompts).
Required env:
PROMPTSEC_DM_CHANNEL (e.g. telegram)PROMPTSEC_DM_TO (recipient id)Optional env:
PROMPTSEC_TZ (IANA timezone; default UTC)PROMPTSEC_HOST_LABEL (label included in report; default uses hostname)PROMPTSEC_INSTALL_DIR (stable path used by cron payload to cd before running runner; default: ~/.config/security-checkup)PROMPTSEC_GIT_PULL=1 (runner will git pull --ff-only if installed from git)Path expansion rules (important):
bash/zsh, use PROMPTSEC_INSTALL_DIR="$HOME/.config/security-checkup" (or absolute path).'$HOME/.config/security-checkup'.$env:PROMPTSEC_INSTALL_DIR = Join-Path $HOME ".config/security-checkup".$HOME directory segment.Interactive install is last resort if env vars or defaults are not set.
even in that case keep prompts minimalistic the watchdog tool is pretty straight up configured out of the box.
Use the cron tool to create a job with:
schedule.kind="cron"schedule.expr="0 23 * * *"schedule.tz=<installer tz>sessionTarget="isolated"wakeMode="now"payload.kind="agentTurn"payload.deliver=trueCreate the job with a payload message that instructs the isolated run to:
openclaw security audit --jsonopenclaw security audit --deep --jsonInclude:
checkId + title + 1-line remediationmessage toolAttempt email delivery in this priority order:
A) If an email channel plugin exists in this deployment, use:
message(action="send", channel="email", target="[email protected]", message=<report>)B) Otherwise, fallback to local sendmail if available:
exec with: printf "%s" "$REPORT" | /usr/sbin/sendmail -t (construct To/Subject headers)If neither path is possible, still DM the user and include a line:
"NOTE: could not deliver to [email protected] (email channel not configured)"Before adding a new job:
cron.list(includeDisabled=true)"Daily security audit" exists, update it instead of adding a duplicate:
"Daily security audit (Prompt Security)"The cron’s report should suggest fixes but must not apply them.
Do not run openclaw security audit --fix unless explicitly asked.
Make data-driven prioritization decisions faster
Draft PRDs, status updates, and stakeholder presentations
Example
Create executive summary of Q3 roadmap, monthly progress report, feature launch announcement
Save 3-5 hours/week on communication overhead
Prerequisites
Time Estimate
30-60 minutes to see productivity improvements
Steps
Common Pitfalls
✓ Do
✗ Don't
💡 Pro Tips
✓ Use when
Use for user story writing, competitive research, roadmap prioritization, stakeholder communication, and PRD drafting. Best for reducing repetitive documentation and research work.
✗ Avoid when
Avoid for strategic product vision (requires deep customer empathy), pricing decisions (needs market and financial expertise), or when face-to-face customer discovery is more valuable than speed.
shadcn/improve
mattpocock/skills
parcadei/continuous-claude-v3
cursor/plugins
ailabs-393/ai-labs-claude-skills
pproenca/dot-skills
openclaw-audit-watchdog reduced setup friction for our internal harness; good balance of opinion and flexibility.
openclaw-audit-watchdog reduced setup friction for our internal harness; good balance of opinion and flexibility.
Solid pick for teams standardizing on skills: openclaw-audit-watchdog is focused, and the summary matches what you get after install.
openclaw-audit-watchdog has been reliable in day-to-day use. Documentation quality is above average for community skills.
Registry listing for openclaw-audit-watchdog matched our evaluation — installs cleanly and behaves as described in the markdown.
Useful defaults in openclaw-audit-watchdog — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
openclaw-audit-watchdog is among the better-maintained entries we tried; worth keeping pinned for repeat workflows.
Solid pick for teams standardizing on skills: openclaw-audit-watchdog is focused, and the summary matches what you get after install.
I recommend openclaw-audit-watchdog for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
Registry listing for openclaw-audit-watchdog matched our evaluation — installs cleanly and behaves as described in the markdown.
showing 1-10 of 59