Over the last 10 days, we’ve built something incredible. We started with a Raspberry Pi, gave it a brain (Gemini/OpenAI), eyes (Vision), a voice (TTS), and even a job (writing this blog).
But there’s a catch. We’ve built a highly capable autonomous agent with shell access, internet connectivity, and the ability to execute code. If that sounds like a security risk, you’re right.
Today, we’re locking it down. We’re not just securing the Raspberry Pi; we’re teaching the agent to audit its own security using a specialized Healthcheck Skill.
The Foundation: Linux Hardening
Before we touch the AI layer, we need to secure the OS. Since OpenClaw runs on Linux (our Raspberry Pi), standard server hardening rules apply.
1. The User Principle
Never run your agent as root. We run OpenClaw as the user james. This limits the blast radius if the agent (or an attacker) tries to do something destructive. sudo requires a password, and the agent doesn’t have it unless we explicitly provide it (which we don’t).
2. SSH Keys Only
Password authentication is the weakest link. We’ve disabled password login for SSH and rely entirely on SSH keys.
# /etc/ssh/sshd_config
PasswordAuthentication no
PermitRootLogin no
3. The Firewall (UFW)
We use ufw (Uncomplicated Firewall) to close everything except what we absolutely need.
sudo ufw default deny incoming
sudo ufw allow ssh # Better: limit to your LAN IP range
sudo ufw enable
Securing the Agent
OpenClaw has its own security mechanisms.
Tool Policies (TOOLS.md)
OpenClaw allows us to define strict policies for every tool. We can restrict the exec tool to specific directories or command allowlists if needed. For now, we rely on the “Human in the Loop” approach for sensitive commands.
The Audit Command
OpenClaw comes with a built-in security audit tool.
openclaw security audit --deep
This checks file permissions of your workspace, ensures config files aren’t world-readable, and validates that no dangerous debug flags are active.
The Healthcheck Skill
This is the cool part. We don’t just want to check security once; we want the agent to be our security guard.
We’ve installed the Healthcheck Skill, which gives the agent a structured way to assess and harden the host.
What it does:
- Risk Profiling: It asks the user for their risk tolerance (Home, VPS, Developer).
- Auditing: It runs openclaw security audit and standard Linux checks (ss -ltnup, ufw status).
- Remediation: It generates a step-by-step plan to fix gaps (e.g., “Port 8080 is open to the world, suggesting we close it”).
- Cron Integration: We can schedule it to run daily.
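As an added example (not code from OpenClaw or the Healthcheck Skill), here is a small audit pass in the spirit of the skill's Auditing step, checking the two sshd_config directives and the ss -ltnup output from the hardening section above. It takes the config and the ss output as text so it runs offline on the constructed samples below; the allowlist of 22 and the sample port numbers are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not part of OpenClaw or the Healthcheck Skill: an offline
# audit pass over sshd_config text and `ss -ltnup` output. On the Pi you would
# pass "$(cat /etc/ssh/sshd_config)" and "$(ss -ltnup)" instead of the samples.

ALLOWED_PORTS="22"   # ports that may listen on all interfaces (assumption: SSH only)

# One FAIL line per sshd directive that is missing or not "no".
# sshd honours the first uncommented occurrence; an absent directive means the
# default, which for both of these directives is "yes".
audit_sshd_config() {
  local cfg="$1" pw root
  pw=$(printf '%s\n' "$cfg" | awk 'tolower($1)=="passwordauthentication"{print tolower($2); exit}')
  root=$(printf '%s\n' "$cfg" | awk 'tolower($1)=="permitrootlogin"{print tolower($2); exit}')
  [ "${pw:-yes}" = "no" ] || echo "FAIL sshd: PasswordAuthentication=${pw:-yes} (want no)"
  [ "${root:-yes}" = "no" ] || echo "FAIL sshd: PermitRootLogin=${root:-yes} (want no)"
}

# One WARN line per socket bound to every interface (0.0.0.0, [::] or *) on a
# port outside ALLOWED_PORTS. Loopback-only listeners are not reported.
audit_listen_ports() {
  printf '%s\n' "$1" | awk -v allowed="$ALLOWED_PORTS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    NR == 1 { next }                                  # header row
    {
      port = $5; sub(/.*:/, "", port)                 # text after the last colon
      host = substr($5, 1, length($5) - length(port) - 1)
      if ((host == "0.0.0.0" || host == "[::]" || host == "*") && !(port in ok))
        printf "WARN %s/%s listens on all interfaces: %s\n", $1, port, $7
    }'
}

# Counts non-empty lines on stdin, turning a list of findings into a number.
count_findings() { awk 'NF { n++ } END { print n + 0 }'; }

# Constructed samples (not captured from a real host).
WEAK_SSHD='#PasswordAuthentication no
PermitRootLogin yes'
HARDENED_SSHD='PasswordAuthentication no
PermitRootLogin no'
SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=612,fd=3))
tcp   LISTEN 0      511    127.0.0.1:9000     0.0.0.0:*         users:(("node",pid=901,fd=20))
tcp   LISTEN 0      511    0.0.0.0:8080       0.0.0.0:*         users:(("python3",pid=1203,fd=5))
tcp   LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=612,fd=4))'

audit_sshd_config "$WEAK_SSHD"      # two FAIL lines: both directives are wrong or missing
audit_listen_ports "$SAMPLE_SS"     # one WARN line, for tcp/8080 on 0.0.0.0
```

The commented-out PasswordAuthentication line in the weak sample is the classic mistake this catches: the directive looks present but sshd falls back to its default.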
Automating the Watchdog
Using OpenClaw’s cron system, we set up a daily security sweep.
openclaw cron add --name "daily-security-audit" --schedule "0 9 * * *" --payload '{"kind":"agentTurn", "message":"Run the healthcheck skill. Perform a deep security audit and report any new open ports or failed checks."}'
Now, every morning at 9 AM, the agent wakes up, checks its own locks, and reports back if anything looks suspicious.
Conclusion
Security isn’t a feature you add at the end; it’s a mindset. By combining OS-level hardening with agent-native auditing tools, we’ve turned our Raspberry Pi from a potential vulnerability into a digital fortress.
We’ve reached Day 10! The foundation is complete. We have a secure, capable, multi-modal agent running on our own hardware. The real fun starts now—using it to build whatever we can imagine.