openclaw-security-monitor
High-risk OpenClaw security monitor that runs local remediation and scan scripts (e.g., `~/.openclaw/workspace/skills/security-monitor/scripts/remediate.sh`) and exposes HTTP endpoints that execute them. It performs external network activity to `https://raw.githubusercontent.com` and `https://api.telegram.org` and requires `OPENCLAW_TELEGRAM_TOKEN`.