coderclaw securitySecurity tools (audit + optional fixes).
Related:
coderclaw security audit
coderclaw security audit --deep
coderclaw security audit --fix
coderclaw security audit --json
The audit warns when multiple DM senders share the main session and recommends secure DM mode: session.dmScope="per-channel-peer" (or per-account-channel-peer for multi-account channels) for shared inboxes.
It also warns when small models (<=300B) are used without sandboxing and with web/browser tools enabled.
For webhook ingress, it warns when hooks.defaultSessionKey is unset, when request sessionKey overrides are enabled, and when overrides are enabled without hooks.allowedSessionKeyPrefixes.
It also warns when sandbox Docker settings are configured while sandbox mode is off, when gateway.nodes.denyCommands uses ineffective pattern-like/unknown entries, when global tools.profile="minimal" is overridden by agent tool profiles, and when installed extension plugin tools may be reachable under permissive tool policy.
Use --json for CI/policy checks:
coderclaw security audit --json | jq '.summary'
coderclaw security audit --deep --json | jq '.findings[] | select(.severity=="critical") | .checkId'
If --fix and --json are combined, output includes both fix actions and final report:
coderclaw security audit --fix --json | jq '{fix: .fix.ok, summary: .report.summary}'
--fix changes--fix applies safe, deterministic remediations:
groupPolicy="open" to groupPolicy="allowlist" (including account variants in supported channels)logging.redactSensitive from "off" to "tools"credentials/*.json, auth-profiles.json, sessions.json, session *.jsonl)--fix does not:
gateway, cron, exec, etc.)