Loading...
Loading...
Found 22 Skills
Security auditing for code vulnerabilities (OWASP Top 10, XSS, SQL injection) and dependency scanning (pnpm audit, Snyk). Use when handling user input, adding authentication, before deployments, or resolving CVEs.
Analyze dependencies for known security vulnerabilities and outdated versions. Use when auditing third-party libraries. Trigger with 'check dependencies', 'scan for vulnerabilities', or 'audit packages'.
OWASP Top 10, CSP, CORS, XSS/CSRF prevention, auth patterns, dependency scanning
Scans project dependencies and verifies licenses against a whitelist of approved open-source licenses. Use to ensure legal compliance in software projects and prevent the introduction of restricted licenses.
Security audit workflow - vulnerability scan → verification
Automated vulnerability scanner for agent platforms. Performs dependency scanning (npm audit, pip-audit), multi-database CVE lookup (OSV, NVD, GitHub Advisory), SAST analysis (Semgrep, Bandit), and agent-specific DAST hook execution testing for OpenClaw hooks.
Open source license compliance check for a dependency list, a single library, or outbound code. Use when reviewing a manifest, SBOM, or repo for copyleft obligations and license compatibility, when asked whether a library can ship, or when preparing code to be open-sourced.
Software supply chain security guidance covering SBOM generation, SLSA framework, dependency scanning, SCA tools, and protection against supply chain attacks like dependency confusion and typosquatting.
Detect package managers and discover outdated or vulnerable dependencies. Returns structured findings without upgrading. Use when the user asks to "review dependencies", "check for outdated packages", "check dependencies", "scan dependencies", or "dependency review".
Security audit for vulnerabilities, compliance issues, and sensitive data exposure. Use before production deployments or when reviewing security-sensitive code.