OpenClaw Janitor Skill for Automated System Management and Security Hardening

A developer has created a skill for managing OpenClaw systems through automated configuration and security hardening. The approach addresses the common challenge where OpenClaw setups tend to be either overly secure and non-functional or useful but potentially dangerous.

Key Implementation Details

The developer configured Claude Code to SSH into the OpenClaw machine and execute hardening tasks including:

• OpenClaw configuration adjustments
• Sandboxing implementation
• General OS hygiene improvements
• Channel security for Telegram, Discord, and other communication platforms
• Access control configuration (determining who can write to the agent)

Project Structure and Documentation

The system maintains a "project folder" containing:

• All relevant OpenClaw information
• A CLAUDE.md file with instructions for:
• Auditing the OpenClaw system after upgrades
• Performing maintenance and security checks
• Verifying skill security

Risk Management Strategies

The developer recommends using a subscription with the main OpenClaw agent instead of direct API access to prevent unexpected costs from infinite loops or other issues. They note this approach reduces exposure to scenarios like waking up to a €2,000 API bill from agent misbehavior.

Skill Functionality

The claw-janitor skill, available at codeberg.org/rine/skills, offers to create the project folder if it doesn't exist and manages the ongoing maintenance process. The developer emphasizes trusting the AI to "figure it out" by itself, with the expectation that it will report failures and that proper sandboxing will minimize the cost of those failures.