romtuck/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1a76740851
openclaw/docs/security/clauditor.md
Ryan (via Clawdbot) 1a76740851 docs: add Clauditor security watchdog documentation 
- Add dedicated Clauditor doc in docs/security/
- Add VPS hardening section referencing Clauditor
- Clauditor provides tamper-evident logging for production deployments
2026-01-27 07:49:24 +01:00

3.4 KiB
Raw Blame History

summary read_when
Tamper-resistant audit watchdog for VPS deployments
You want to detect if your agent is compromised
You need tamper-evident logging for Clawdbot activity
You're running Clawdbot on a production VPS

Clauditor

Clauditor is a security watchdog that monitors filesystem activity and creates tamper-evident logs. Even if Clawdbot is compromised, it cannot stop the watchdog, forge log entries, or delete evidence.

GitHub: apollostreetcompany/clauditor
ClawdHub: clawdhub install clauditor

Why Clauditor?

When you give an AI agent access to your system, you're trusting it not to:

  • Exfiltrate sensitive data (credentials, keys, personal files)
  • Install persistence mechanisms (cron jobs, SSH keys)
  • Cover its tracks by deleting logs

Clauditor creates an independent audit trail that the agent cannot tamper with, even if fully compromised.

Security Model

Component Owner Clawdbot Access
Daemon sysaudit user Cannot kill
HMAC Key root:sysaudit Cannot read
Log Directory sysaudit Cannot write
Logs sysaudit Can read (tamper-evident)

The watchdog runs as a separate system user (sysaudit). Even with full control of the clawdbot account, an attacker cannot:

  • Stop the monitoring daemon
  • Forge log entries (no access to HMAC key)
  • Delete evidence (no write access to logs)

Features

  • HMAC hash-chained logs — Any tampering breaks the chain
  • Exec monitoring — Tracks all command executions
  • Exfiltration detection — Flags credential reads followed by network commands
  • Baseline tracking — Alerts on first-time command usage
  • Orphan detection — Flags commands running when no Clawdbot session is active
  • Digest reports — Human-readable security summaries

Installation

Clauditor includes an interactive wizard that guides you through installation:

# Clone and build
git clone https://github.com/apollostreetcompany/clauditor.git
cd clauditor
cargo build --release

# Run the wizard (follow prompts)
./target/release/clauditor wizard status
./target/release/clauditor wizard next
# Run the sudo command it shows, then:
./target/release/clauditor wizard verify
# Repeat until complete

Or use the automated script:

sudo bash wizard/wizard.sh

Usage

Check daemon status

systemctl status systemd-journaldd

Generate security report

# Silent mode (only outputs if issues found)
clauditor digest --log /var/lib/.sysd/.audit/events.log --key /etc/sysaudit/key

# Verbose mode (full report)
clauditor digest --log /var/lib/.sysd/.audit/events.log --key /etc/sysaudit/key --verbose

Automated daily digest

# Add to root's crontab
0 6 * * * /usr/local/sbin/systemd-journaldd digest --log /var/lib/.sysd/.audit/events.log --key /etc/sysaudit/key || echo "Anomalies detected" | mail -s "Clauditor Alert" you@example.com

Requirements

  • Linux with systemd
  • Rust toolchain (for building)
  • Root access (for installation)

Recommended For

  • Production VPS deployments — Where Clawdbot has access to sensitive data
  • Multi-user environments — Where audit trails matter
  • High-trust setups — Where you've given Clawdbot elevated permissions

For local development or sandboxed environments, Clauditor is optional but still useful for understanding agent behavior patterns.