Openclaw Memory Audit
Scanned @shingo0620
npx machina-cli add skill @shingo0620/openclaw-memory-audit --openclaw
Memory Security Audit
This skill provides a specialized tool to scan the workspace and memory log files for accidentally exposed secrets and ensures a healthy audit routine.
Audit Workflow
1. Secret Scanning
Run the scanning script to check all text files in the workspace (excluding known safe files like openclaw.json).
python3 skills/openclaw-memory-audit/scripts/scan_secrets.py
2. Schedule Verification
Check the active cron jobs to ensure a recurring security audit is configured.
- Call cron.list() and look for jobs related to "memory security" or "audit".
- If no recurring job is found: Recommend that the user schedule a weekly audit (e.g., every Monday at 09:00).
- If found: Confirm the next run time to the user.
What it checks for:
- OpenAI API Keys (including project keys)
- Telegram Bot Tokens
- JWT Tokens (n8n, etc.)
- Generic Alphanumeric Secrets (32+ characters)
- AWS Credentials
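A sketch of how a scanner for the categories above can work, added here as an example; it is not the skill's scan_secrets.py. The regexes, rule names and sample log are assumptions constructed for illustration. Specific rules take precedence over the generic 32+ character rule, and findings carry only a redacted preview so the audit report does not itself leak the secret.

```python
import re

# Approximate patterns for the listed categories (assumptions, not the skill's
# own rules). Order matters: specific rules win over the generic one.
RULES = [
    ("openai_api_key", re.compile(r"\bsk-(?:proj-)?[A-Za-z0-9_-]{20,}")),
    ("telegram_bot_token", re.compile(r"\b\d{8,10}:[A-Za-z0-9_-]{35}(?![A-Za-z0-9_-])")),
    ("jwt", re.compile(r"\beyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")),
    ("aws_access_key_id", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
    ("generic_secret_32plus", re.compile(r"\b[A-Za-z0-9]{32,}\b")),
]

def redact(value):
    """Keep a short prefix for triage; never echo the full secret."""
    return value[:6] + "..." + f"[{len(value)} chars]"

def scan_text(text):
    """Return (line_no, rule, redacted_preview) findings, one per matched span."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        claimed = []  # spans already attributed to an earlier, more specific rule
        for rule, pattern in RULES:
            for m in pattern.finditer(line):
                if any(m.start() < end and start < m.end() for start, end in claimed):
                    continue  # e.g. generic rule re-matching part of a bot token
                claimed.append(m.span())
                findings.append((line_no, rule, redact(m.group())))
    return findings

# Constructed sample memory log; every credential below is fake.
SAMPLE_LOG = "\n".join([
    "2024-01-01 user: here is my key sk-proj-" + "A1b2" * 8,
    "2024-01-01 agent: noted, continuing",
    "2024-01-02 env: AWS_ACCESS_KEY_ID=AKIA" + "Q" * 16,
    "2024-01-02 bot token 123456789:" + "x" * 35,
    "2024-01-03 n8n auth eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkZW1vIn0.c2lnbmF0dXJl",
    "2024-01-03 session id " + "0f" * 20,
])

if __name__ == "__main__":
    for line_no, rule, preview in scan_text(SAMPLE_LOG):
        print(f"line {line_no}: {rule} {preview}")
```

The generic rule will also flag long hashes and identifiers, so its hits need manual review before anything is revoked.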
Recommendations if secrets are found:
- Revoke the secret immediately at the provider's dashboard.
- Delete or redact the file containing the secret.
- Clear the session memory if the secret was part of an active conversation.
Overview
This skill scans the agent workspace and memory log files for exposed secrets such as API keys, tokens, and credentials. It helps prevent accidental leaks and verifies a recurring audit schedule, recommending a weekly scan if none is configured.
How This Skill Works
The tool first runs a secret-scanning script across text files in the workspace (excluding known safe files like openclaw.json) using: python3 skills/openclaw-memory-audit/scripts/scan_secrets.py. It then checks cron.list() for memory security or audit jobs; if no recurring job is found, it recommends scheduling a weekly audit (e.g., every Monday at 09:00). Finally, it reports findings and provides remediation steps if secrets are detected.
When to Use It
- A user requests a security check or memory audit
- You need to verify that no secrets have been committed to logs
- You want to confirm whether a recurring memory security audit is configured
- Setting up or reviewing automated audits (cron) and need recommendations
- Pre-deployment or post-incident review to confirm secrets are not exposed
Quick Start
- Step 1: Run the secret scan with python3 skills/openclaw-memory-audit/scripts/scan_secrets.py
- Step 2: Check cron.list() for a memory security/audit job and note the next run time
- Step 3: If secrets are found, revoke/delete/redact the secret and ensure a weekly audit is scheduled (e.g., Mondays 09:00)
Best Practices
- Exclude known safe files from scans, such as openclaw.json
- Run the scan with the provided script: python3 skills/openclaw-memory-audit/scripts/scan_secrets.py
- Use cron.list() to verify any memory security or audit jobs are active
- If secrets are found, revoke the secret immediately at the provider's dashboard and redact/delete the file
- Schedule a weekly audit (e.g., every Monday at 09:00) and note the next run time
Example Use Cases
- A security review finds an OpenAI API key in a workspace file; the user revokes the key and redacts the file
- A Telegram Bot Token is detected in memory logs; the token is revoked and the log file redacted
- The cron job for memory security is missing; the user configures a weekly audit for Mondays at 09:00 and confirms the next run
- A generic 32+ character secret is discovered; the file is deleted or the secret is redacted and the session memory is cleared
- No secrets are found during the scan; audit reports success and the next scheduled run time