Skip to content

eliBenven/openclaw-security-center

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.github/workflows
.github/workflows
 
 
packages
packages
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
QUICKSTART.md
QUICKSTART.md
 
 
README.md
README.md
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

openclaw-security-center

Security control plane for OpenClaw deployments.

What it does

  • Posture dashboard: OpenClaw security audit + host security signals with risk scoring in one place
  • Guided remediation: generates a plan + executes only with explicit per-step approvals
  • Continuous monitoring: scheduled audits + alerts on regressions (firewall, encryption, new ports, audit status)
  • Audit trail: diffable history of findings and actions stored in local SQLite

v1 Success criteria (definition of done)

1) One-command dashboard

  • npx ocsec dashboard starts a local web UI
  • UI shows: OpenClaw audit status, update status, listening ports (parsed table), firewall state, disk encryption, auto-updates
  • Risk score (0-100) with deduction breakdown and remediation list
  • Recent runs list (audit trail) and "Collect Now" button
  • Works on macOS + Ubuntu (best-effort; unsupported signals degrade gracefully)

2) Safe remediation workflow

  • npx ocsec plan outputs a numbered remediation plan with exact commands + rollback notes
  • npx ocsec apply requires explicit confirmation per step (interactive readline loop)
  • Includes rollback tracking and skip/abort support
  • Includes OpenClaw-only fix path: openclaw security audit --fix

3) Monitoring + alerts

  • npx ocsec monitor --cron generates a cron entry for scheduling weekly audits
  • npx ocsec monitor compares latest two runs and flags regressions (firewall, encryption, auto-updates, new ports, audit errors)
  • npx ocsec monitor --json emits structured alert JSON for automation

4) Audit history

  • Stores run history locally (SQLite with WAL mode)
  • npx ocsec diff <runA> <runB> shows colored diffs between runs (supports run IDs from DB and file paths)
  • Can export JSON reports via npx ocsec collect > snapshot.json

Architecture

  • packages/agent -- collectors (OpenClaw + host signals), structured port parsing
  • packages/cli -- ocsec commands (collect, plan, apply, dashboard, diff, monitor)
  • packages/server -- local Express API + SQLite store + HTML dashboard renderer
  • packages/web -- dashboard UI (reserved for future React/SPA migration)

Quick start

npm install
npm run build
npm run dashboard        # starts server + opens browser at http://localhost:7337

CLI commands

ocsec collect            # collect snapshot and print JSON
ocsec dashboard          # start local dashboard server
ocsec plan               # generate remediation plan (no changes)
ocsec apply              # apply plan with interactive confirmation per step
ocsec diff <a> <b>       # diff two snapshots (run IDs or file paths)
ocsec monitor            # compare latest two runs, flag regressions
ocsec monitor --cron     # print a sample cron entry
ocsec monitor --json     # output alert as JSON

License

MIT

About

Security control plane for OpenClaw deployments (posture, remediation, monitoring, audit trail).

Topics

cli security typescript posture-management openclaw

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages