Loading...
Loading...
Found 18 Skills
Audit installed skills for malicious code, hidden instructions, and security vulnerabilities. Use when users want to scan their skills for potential security issues, verify skill safety before use, or investigate suspicious skill behavior.
Automated daily security audits for OpenClaw agents with email reporting. Runs deep audits and sends formatted reports.
Main security scanning orchestration. Detects language, runs OWASP Top 10 patterns, identifies vulnerabilities, generates structured reports. Use when scanning for XSS, SQL injection, command injection, secrets, or any security vulnerability.
Comprehensive security code review workflow for a target repository, producing a markdown report with findings and recommendations.
Perform language and framework specific security best-practice reviews and suggest improvements. Trigger only when the user explicitly requests security best practices guidance, a security review/report, or secure-by-default coding help. Trigger only for supported languages (python, javascript/typescript, go). Do not trigger for general code review, debugging, or non-security tasks.
Analyze CVE vulnerabilities in Java and JavaScript components, determine false positives, and provide upgrade recommendations. Use this when users provide a CVE number and affected object, e.g., CVE-2024-38816 and spring-webmvc-5.3.39.jar. Supports false positive analysis, compatibility risk assessment, and standard report generation.