docs/cli/security.md

---
summary: "CLI reference for `openclaw security` (audit and fix common security footguns)"
read_when:
  - You want to run a quick security audit on config/state
  - You want to apply safe “fix” suggestions (chmod, tighten defaults)
title: "security"
---

# `openclaw security`

Security tools (audit + optional fixes).

Related:

- Security guide: [Security](/gateway/security)

## Audit

```bash
openclaw security audit
openclaw security audit --deep
openclaw security audit --fix
```

The audit warns when multiple DM senders share the main session and recommends **secure DM mode**: `session.dmScope="per-channel-peer"` (or `per-account-channel-peer` for multi-account channels) for shared inboxes.
It also warns when small models (`<=300B`) are used without sandboxing and with web/browser tools enabled.
For webhook ingress, it warns when `hooks.defaultSessionKey` is unset, when request `sessionKey` overrides are enabled, and when overrides are enabled without `hooks.allowedSessionKeyPrefixes`.
It also warns when sandbox Docker settings are configured while sandbox mode is off, when `gateway.nodes.denyCommands` uses ineffective pattern-like/unknown entries, when global `tools.profile="minimal"` is overridden by agent tool profiles, and when installed extension plugin tools may be reachable under permissive tool policy.
docs(cli): add per-command CLI pages 2026-01-15 06:12:54 +00:00			`---`
refactor: rename to openclaw 2026-01-30 03:15:10 +01:00			summary: "CLI reference for `openclaw security` (audit and fix common security footguns)"
docs(cli): add per-command CLI pages 2026-01-15 06:12:54 +00:00			`read_when:`
			`- You want to run a quick security audit on config/state`
			`- You want to apply safe “fix” suggestions (chmod, tighten defaults)`
Docs: add nav titles across docs (#5689) 2026-01-31 16:04:03 -05:00			`title: "security"`
docs(cli): add per-command CLI pages 2026-01-15 06:12:54 +00:00			`---`

refactor: rename to openclaw 2026-01-30 03:15:10 +01:00			# `openclaw security`
docs(cli): add per-command CLI pages 2026-01-15 06:12:54 +00:00
			`Security tools (audit + optional fixes).`

			`Related:`
chore: Run `pnpm format:fix`. 2026-01-31 21:13:13 +09:00
docs(cli): add per-command CLI pages 2026-01-15 06:12:54 +00:00			`- Security guide: [Security](/gateway/security)`

			`## Audit`

			```bash
refactor: rename to openclaw 2026-01-30 03:15:10 +01:00			`openclaw security audit`
			`openclaw security audit --deep`
			`openclaw security audit --fix`
docs(cli): add per-command CLI pages 2026-01-15 06:12:54 +00:00			```

docs: document secure DM mode preset (#7872) * docs: document secure DM mode preset * fix: resolve merge conflict in resizable-divider 2026-02-03 22:55:13 -08:00			The audit warns when multiple DM senders share the main session and recommends secure DM mode: `session.dmScope="per-channel-peer"` (or `per-account-channel-peer` for multi-account channels) for shared inboxes.
docs: fix mdx in security cli doc 2026-01-21 01:24:10 +00:00			It also warns when small models (`<=300B`) are used without sandboxing and with web/browser tools enabled.
fix: harden hook session key routing defaults 2026-02-13 02:09:01 +01:00			For webhook ingress, it warns when `hooks.defaultSessionKey` is unset, when request `sessionKey` overrides are enabled, and when overrides are enabled without `hooks.allowedSessionKeyPrefixes`.
fix(security): extend audit hardening checks 2026-02-13 16:26:37 +01:00			It also warns when sandbox Docker settings are configured while sandbox mode is off, when `gateway.nodes.denyCommands` uses ineffective pattern-like/unknown entries, when global `tools.profile="minimal"` is overridden by agent tool profiles, and when installed extension plugin tools may be reachable under permissive tool policy.