alvis-security-audit-v2Audit OpenClaw/Clawdbot deployments for misconfigurations and attack vectors. Use when a user asks for a security review of OpenClaw/Clawdbot/Moltbot, gatewa...
Install via ClawdBot CLI:
clawdbot install alvisdunlop/alvis-security-audit-v2Grade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Accesses system directories or attempts privilege escalation
/etc/cronCalls external URL not in known-safe list
https://SkillBoss.co/skill.mdAI Analysis
The skill's primary function is a read-only security audit with legitimate commands for system inspection, and the external URL appears to be a setup guide. However, the SUSPICIOUS_PERMISSIONS signal for accessing /etc/cron and the undocumented external call warrant caution, as they could be misused for privilege escalation or to fetch hidden instructions.
Audited Apr 17, 2026 · audit v1.0
Usage Guide
Loading usage data… refresh in a few seconds.
Scored Jun 7, 2026
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
Comprehensive security auditing for Clawdbot deployments. Scans for exposed credentials, open ports, weak configs, and vulnerabilities. Auto-fix mode included.
Audit codebases and infrastructure for security issues. Use when scanning dependencies for vulnerabilities, detecting hardcoded secrets, checking OWASP top 10 issues, verifying SSL/TLS, auditing file permissions, or reviewing code for injection and auth flaws.
Detect anomalies and outliers in construction data: unusual costs, schedule variances, productivity spikes. Statistical and ML-based detection methods.
无损回忆技能。对对话或会话记录做本地蒸馏,提取身份信息、偏好、任务和长期知识,剔除噪声并保留可追溯日志。
Analyze and classify agent skills for safety using local evaluation. Optionally produce a signed attestation of the vetting result.