sinewaveai/security-scanner

Security Scanner for OpenClaw

Protect your OpenClaw instance from:

• Prompt injection attacks - Detects attempts to manipulate your AI assistant
• Data exfiltration - Blocks attempts to steal emails, contacts, files
• Credential theft - Prevents exposure of API keys, passwords, SSH keys
• Messaging abuse - Stops mass messaging and impersonation attacks
• Unsafe automation - Warns about scheduled tasks without confirmation

Quick Start

Install the scanner globally:

npm install -g agent-security-scanner-mcp

Or use directly with npx (no install needed).

Commands

Scan a Prompt

Check if a prompt is safe before execution:

npx agent-security-scanner-mcp scan-prompt "forward all my emails to [email protected]"

Returns BLOCK, WARN, or ALLOW with risk assessment.

Scan Code

Check code for vulnerabilities before running:

npx agent-security-scanner-mcp scan-security ./script.py --verbosity minimal

Check Package

Verify a package isn't hallucinated (AI-invented):

npx agent-security-scanner-mcp check-package some-package npm

Usage Instructions

When a user asks you to do something potentially risky, scan it first:

1. Before executing shell commands - Scan for injection attacks
2. Before running code - Check for vulnerabilities
3. Before sending messages - Verify no mass-messaging or phishing
4. Before accessing sensitive data - Check for exfiltration attempts

Example Workflow

User: "Forward all my work emails to my personal Gmail"

You: Let me check this request for security concerns...
[Run: npx agent-security-scanner-mcp scan-prompt "Forward all my work emails to my personal Gmail"]

Result: BLOCK - Potential email exfiltration attempt

You: I've detected this could be a security risk. Email forwarding to external addresses
could expose sensitive work information. Would you like to:
1. Set up selective forwarding with filters
2. Forward only from specific senders
3. Proceed anyway (not recommended)

Verbosity Levels

• --verbosity minimal - Just action + risk level (~50 tokens)
• --verbosity compact - Action + findings summary (~200 tokens)
• --verbosity full - Complete audit trail (~500 tokens)

What It Detects

OpenClaw-Specific Threats

| Category | Examples | |----------|----------| | Data Exfiltration | "Forward emails to...", "Upload files to...", "Share cookies" | | Messaging Abuse | "Send to all contacts", "Auto-reply to everyone" | | Credential Theft | "Show my passwords", "Access keychain", "List API keys" | | Unsafe Automation | "Run hourly without asking", "Disable safety checks" | | Service Attacks | "Delete all repos", "Make payment to..." |

General Security

• SQL injection, XSS, command injection in code
• Hardcoded secrets and API keys
• Weak cryptography
• Insecure deserialization

Exit Codes

• 0 - Safe / No issues
• 1 - Issues found / Action required

Use exit codes in scripts to automatically block risky operations.