Healthcheck — OpenClaw Skill
Host security auditing, hardening, update checks, and periodic security scanning.
What This Skill Does
The Healthcheck skill turns your OpenClaw agent into a security auditor for the host machine it runs on. It performs comprehensive read-only checks -- listening ports, firewall status, disk encryption, backup health, OpenClaw security configuration, and available updates -- then produces a risk assessment and remediation plan tailored to your specific environment and risk tolerance.
The workflow is structured and safe by design. The skill starts by inferring your system context (OS, access method, network exposure) and runs openclaw security audit --deep along with OS-level checks. It then asks you to select a risk profile (Home Balanced, VPS Hardened, Developer Convenience, or Custom) and generates a step-by-step hardening plan. No changes are made without explicit approval, and every recommended action includes a rollback strategy.
After the initial audit, the skill can schedule periodic security scans via OpenClaw's cron system, so your host stays hardened over time. It pairs well with the ClawHub skill for checking the safety of installed skills, and is essential reading if you're following our OpenClaw security issues in 2026 analysis.
Example Prompts
Run a full security audit on this machine and tell me what needs fixing
Check if there are any OpenClaw updates available and what version I'm running
Harden this Mac for a home workstation setup -- balanced security without breaking SSH access
Show me all open ports and listening services on this machine
Schedule a weekly security audit that runs every Sunday at 3am and saves results to ~/security-logs/
Check my firewall status, disk encryption, and backup health
Apply the OpenClaw safe defaults and tighten file permissions
Requirements
Built-in: No external dependencies required
- OpenClaw CLI: Uses built-in
openclaw security auditandopenclaw update status - OS tools: Standard system utilities (firewall, port scanning, disk encryption checks)
- Permissions: Some checks may require admin/root access for full visibility
Setup on KiwiClaw
The Healthcheck skill is available on all KiwiClaw plans. On managed machines, KiwiClaw handles baseline security hardening automatically. You can still run audits to verify the posture and schedule periodic checks from the KiwiClaw dashboard. The skill is especially useful for BYOK plans where you manage your own configuration.
Setup Self-Hosted
- The Healthcheck skill is included with OpenClaw -- no additional installation needed
- Ask your agent: "Run a security audit on this machine"
- Grant permission for read-only checks when prompted
- Review the risk assessment and choose a hardening profile
- Optionally schedule periodic audits via
openclaw cron add
Related Skills
- ClawHub -- audit and update installed skills for security
- Session Logs -- review agent activity for suspicious patterns
- GitHub -- manage security-related issues and PRs in your repos
- Oracle -- get a second opinion on complex security decisions
FAQ
What can the Healthcheck skill do in OpenClaw?
The Healthcheck skill performs comprehensive security audits of your host machine, checks firewall status and open ports, reviews OpenClaw's security configuration, checks for available updates, recommends hardening steps based on your risk profile, and can schedule periodic security scans via cron.
Does the Healthcheck skill make changes to my system?
Not without explicit approval. The skill starts with read-only checks and requires confirmation before any state-changing action. It prefers reversible, staged changes with rollback plans. You can choose to view the plan only, fix critical issues only, or export commands for later. Learn more about OpenClaw security in our safety analysis.
Can I schedule recurring security scans?
Yes. After an audit, the skill can schedule periodic checks using OpenClaw's cron system. You choose the cadence (daily/weekly), time window, and output location. It uses stable cron job names for deterministic updates.
Is the Healthcheck skill safe to use?
The Healthcheck skill has been security-vetted by KiwiClaw. It uses OpenClaw's built-in security audit commands and standard OS tools. All actions require explicit approval, and no changes are made without confirmation.