Caelguard: Open-Source Security Scanner for OpenClaw Instances

Caelguard is an open-source security scanner specifically built for OpenClaw instances, developed by a cybersecurity professional with 12+ years of enterprise email security experience. The tool was created in response to the ClawHavoc supply chain attack that revealed over 2,400 malicious skills on ClawHub, with Reuters reporting on March 26 that 12% of the entire marketplace is malware.

Key Features and Checks

The community edition runs 22 security checks across your OpenClaw instance, including:

• Docker isolation
• Tool permission scoping
• Skill supply chain verification
• Prompt injection resistance
• Network egress monitoring
• MCP server integrity
• Config file integrity monitoring

What It Catches

Specific vulnerabilities the scanner identifies:

• Skills installed from ClawHub with no hash pinning (supply chain risk)
• Tool permissions set to allow-all instead of an explicit allowlist
• No DOCKER-USER iptables rules (containers can talk to anything)
• SOUL.md files with zero prompt injection directives
• Cron jobs running in main session context instead of isolated

Implementation Details

Caelguard provides a security score out of 140 with a letter grade and tells you what to fix first. The developer's own instance scored 4 out of 140 initially (now at 83 after remediation). The tool is MIT licensed and available at https://github.com/Caelguard/caelguard-community.

The developer notes that most instances are likely in the 20-40 score range based on observed patterns and is actively seeking feedback on missing checks and edge cases.