ClawSec Scanner
ClawSec Scanner is a defensive control that combines dependency scanning, CVE enrichment, static analysis, and OpenClaw-specific dynamic testing into a single workflow.
Date: Mar 10, 2026
First Seen: Mar 10, 2026
Last Reviewed: Mar 11, 2026
Publisher: Prompt Security
Source Type: repo
Related reading
OpenClaw Security Guide: A practical baseline for local binding, scoped credentials, sandboxing, runtime checks, and Armorer Guard.
Securing OpenClaw with Armorer Guard: How Armorer wraps OpenClaw with managed setup, Docker hardening, health checks, approvals, and Guard-backed scanning.
Summary
ClawSec Scanner is a defensive control that combines dependency scanning, CVE enrichment, static analysis, and OpenClaw-specific dynamic testing into a single workflow.
What It Covers
- npm audit and pip-audit style dependency findings
- OSV, NVD, and GitHub advisory enrichment
- Semgrep and Bandit static analysis
- OpenClaw hook-focused dynamic testing
Why It Belongs In The KB
This is not a threat entry. It is a response control that operators can deploy to continuously reduce risk and discover issues earlier.
Source
- Repository source record: ClawSec releases and skill index
Notes
- Track this entry as a control so future findings can reference it as a mitigation.