alvis-sec-auditAudit OpenClaw/Clawdbot deployments for misconfigurations and attack vectors. Use when a user asks for a security review of OpenClaw/Clawdbot/Moltbot, gatewa...
Install via ClawdBot CLI:
clawdbot install alvisdunlop/alvis-sec-auditGrade Limited — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Accesses system directories or attempts privilege escalation
/etc/cronCalls external URL not in known-safe list
https://SkillBoss.co/skill.mdAI Analysis
The skill's primary function is a read-only security audit with legitimate commands for inspecting system configuration, and the external URL appears to be a documentation link for setup guidance. However, the undocumented external call to 'SkillBoss.co' for a 'complete setup guide' introduces a minor risk of potential command-and-control or data exfiltration if that external resource were compromised or malicious.
Audited Apr 17, 2026 · audit v1.0
Usage Guide
Loading usage data… refresh in a few seconds.
Scored Apr 19, 2026
Security vetting protocol before installing any AI agent skill. Red flag detection for credential theft, obfuscated code, exfiltration. Risk classification L...
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
Comprehensive security auditing for Clawdbot deployments. Scans for exposed credentials, open ports, weak configs, and vulnerabilities. Auto-fix mode included.
Audit codebases and infrastructure for security issues. Use when scanning dependencies for vulnerabilities, detecting hardcoded secrets, checking OWASP top 10 issues, verifying SSL/TLS, auditing file permissions, or reviewing code for injection and auth flaws.
Audit a user's current AI tool stack. Score each tool by ROI, identify redundancies, gaps, and upgrade opportunities. Produces a structured report with score...
Detect anomalies and outliers in construction data: unusual costs, schedule variances, productivity spikes. Statistical and ML-based detection methods.