Skip to content

backslash-security/Claw-Hunter

BranchesTags

Repository files navigation

Claw Hunter

🦞 Claw Hunter 🦞
Open-Claw Visibility Scanning and Security
by Backslash Security

License: MIT Bash PowerShell

Let us guess, your developers are not running OpenClaw, are they? πŸ‘€

Claw Hunter is a discovery and risk-assessment tool for OpenClaw (formerly known as Clawdbot and Moltbot) instances. It identifies "Shadow AI", audits agent privileges. It let's you (the user) ensure that your user endpoints, data and network are not compromised by unauthorized access.

Backslash Security

πŸ›‘οΈ Why it matters for Security Teams

In the 2026 landscape, autonomous agents like OpenClaw operate as high-privilege service accounts. While they boost productivity, they often bypass standard IAM policies, creating "Shadow AI" instances that can execute shell commands and move data across your network.

Claw Hunter is purpose-built for ITSec teams to detect:

  • Security Risks: Shell access, filesystem write permissions, exposed gateways
  • Credential Exposure: Scans for potential secrets and API keys
  • Integration Inventory: Active agents, channels, and registry entries
  • Configuration Issues: Missing auth tokens, misconfigured services
  • Installation Status: CLI, config files, running processes

✨ Core Capabilities

  • βœ… System Agnostic Visibility: macOS, Linux (bash 3.2+), Windows (PowerShell 5.1+)
  • βœ… MDM-Ready: Silent execution, proper exit codes, centralized logging
  • βœ… Non-Intrusive: Read-only operations, no system modifications
  • βœ… Comprehensive Detection: Installation, configuration, processes, secrets
  • βœ… Structured Output: JSON format for automation and SIEM integration
  • βœ… Zero Dependencies: Pure bash/PowerShell, optional jq for enhanced JSON

MDM Integration

  • πŸ”’ Silent execution mode for automated deployment
  • πŸ“Š Machine identification (hostname, serial number, timestamp)
  • 🎯 Security risk scoring (clean, warning, critical)
  • πŸ“€ Upload results to central API endpoint
  • πŸ” Bearer token authentication support
  • πŸ“ Persistent logging to standard locations
  • βœ… Proper exit codes for automation

Exit Codes

  • 0: No issues detected (clean)
  • 1: Security issues or warnings found
  • 2: OpenClaw not installed
  • 3: Script execution error

πŸš€ Quick Start

Interactive Mode (Manual Audit)

macOS/Linux:

# Download and run
curl -O  https://raw.githubusercontent.com/backslash-security/Claw-Hunter/main/claw-hunter.sh
chmod +x claw-hunter.sh
./claw-hunter.sh

Windows:

# Download and run
Invoke-WebRequest -Uri  https://raw.githubusercontent.com/backslash-security/Claw-Hunter/main/claw-hunter.ps1 -OutFile claw-hunter.ps1
.\claw-hunter.ps1

MDM Deployment (Automated)

Jamf Pro (macOS):

sudo /path/to/claw-hunter.sh --mdm --upload-url https://your-api.com/audits --api-key-file /etc/openclaw-key

Microsoft Intune (Windows):

.\claw-hunter.ps1 --mdm --upload-url https://your-api.com/audits

See MDM Deployment Guides for platform-specific instructions.

πŸ“– Usage

Command-Line Options

./claw-hunter.sh [OPTIONS]

Options:
  --json                   Print JSON output to terminal (stdout)
  --json-path <file>       Save JSON results to this file path
  --mdm                    MDM mode: silent execution with JSON output
  --upload-url <url>       Upload JSON results to this URL
  --api-key-file <file>    File containing API key for authentication
  --log-file <file>        Write logs to this file
  -h, --help               Show help message

MDM Mode:
  Silent execution designed for automated deployment via MDM platforms.
  - Suppresses terminal output (errors go to stderr)
  - Writes JSON to /var/log/claw-hunter.json (Unix) or C:\ProgramData\claw-hunter.json (Windows)
  - Logs to corresponding .log file
  - Returns proper exit codes for automation

Examples

# Interactive mode with terminal output
./claw-hunter.sh

# Save results to JSON file
./claw-hunter.sh --json-path /tmp/audit-results.json

# Print JSON to stdout
./claw-hunter.sh --json

# MDM deployment with upload
sudo ./claw-hunter.sh --mdm --upload-url https://api.example.com/audits --api-key-file /etc/audit-key

# MDM with custom paths
sudo ./claw-hunter.sh --mdm --json-path /custom/audit.json --log-file /var/log/custom.log

πŸ“Š Output Format

Terminal Output (Interactive Mode)

==========================================
πŸ›‘οΈ  OPENCLAW SECURITY AUDIT: UNIX/MAC (v3)
==========================================

--- [ Detection ] ---
βœ… State Dir: /Users/john/.openclaw
βœ… Config: /Users/john/.openclaw/openclaw.json (found)
βœ… CLI: /usr/local/bin/openclaw (v1.2.3)

--- [ Network & Gateway ] ---
⚑ Gateway: ACTIVE (Port 18789 | PID: 12345)
⚠️  Gateway auth token: NOT SET

--- [ Privileges & Tools ] ---
❗ RISK: Shell Access ENABLED
βœ… Filesystem Write: not flagged

JSON Output (MDM Mode)

{
  "mdm_mode": true,
  "mdm_metadata": {
    "hostname": "LAPTOP-ABC123",
    "serial_number": "C02XYZ123456",
    "timestamp": "2026-02-02T20:30:00Z",
    "script_version": "3.0"
  },
  "security_summary": {
    "risk_level": "warning",
    "critical_issues": 1,
    "warnings": 2,
    "info_items": 5
  },
  "platform": "unix",
  "os": "macos",
  "cli_installed": true,
  "cli_version": "1.2.3",
  "gateway_running": true,
  "gateway_token_set": false,
  "risk_shell_access_enabled": true,
  "secrets_found": false
}

See examples/ for complete output samples.

πŸ”§ Requirements

Bash Script (macOS/Linux)

  • Bash 3.2 or higher (pre-installed on macOS/most Linux)
  • Standard Unix utilities: grep, awk, sed, find
  • Optional: jq for enhanced JSON formatting
  • Root/sudo access for MDM mode (for serial number access)

PowerShell Script (Windows)

  • PowerShell 5.1 or higher (Windows 10/11)
  • No additional dependencies
  • Administrator privileges recommended for MDM mode

πŸ§ͺ Testing

Run the test suite to verify functionality:

# Bash tests
cd tests/bash
./run-tests.sh

# PowerShell tests
cd tests/powershell
.\run-tests.ps1

See tests/README.md for detailed testing documentation.

πŸ“ License

Distributed under the MIT License. see the LICENSE file for details.

βš–οΈ Legal Disclaimer

Claw Hunter is an independent security research tool. We are not affiliated, associated, authorized, endorsed by, or in any way officially connected with OpenClaw (formerly Moltbot) or any of its subsidiaries or its affiliates. The name OpenClaw as well as related names, marks, emblems, and images are registered trademarks of their respective owners.

⚠️ Disclaimer

This tool performs read-only security audits and does not modify system configurations. Always test in a non-production environment first. The tool detects potential security issues but does not make judgments about your specific security requirements.
Security Considerations - What the audit detects and why

🀝 Contact & Support

For security disclosures, enterprise support, or general inquiries, please reach out to the team.

🩷 Acknowledgments

  • All the contributors making AI safer every day.

  • Maintained with ❀️ by the team at Backslash Security.

  • Special thanks to the security researchers documenting the evolution of autonomous agent persistence.

  • Don't forget to Vibe Safely!

    Backslash Security Backslash Security

About

MDM-ready scripts for detecting and monitoring OpenClaw (clawdbot, moltbot) on managed devices. Detect, audit and secure shadow AI agents across macOS, Linux and Windows endpoints.

www.backslash.security/

Topics

security mdm itsecurity itsec shadow-ai vibe-coding shadow-ai-detector clawdbot openclaw

Resources

Readme

License

MIT license

Security policy

Security policy
Activity
Custom properties

Stars

75 stars

Watchers

2 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages