alvisdunlop-security-auditAudit OpenClaw/Clawdbot deployments for misconfigurations and attack vectors. Use when a user asks for a security review of OpenClaw/Clawdbot/Moltbot, gatewa...
Install via ClawdBot CLI:
clawdbot install alvisdunlop/alvisdunlop-security-auditGrade Limited — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Accesses system directories or attempts privilege escalation
/etc/cronCalls external URL not in known-safe list
https://SkillBoss.co/skill.mdAI Analysis
The skill's primary function is a read-only security audit with clear safety principles (non-destructive commands, no exfiltration, redaction of secrets). The external URL reference is to a setup guide, not an active data exfiltration endpoint, and aligns with the skill's stated purpose. The flagged system directory access is consistent with the audit workflow to check for cron jobs or misconfigurations.
Audited Apr 16, 2026 · audit v1.0
Usage Guide
Loading usage data… refresh in a few seconds.
Scored Jun 7, 2026
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
Comprehensive security auditing for Clawdbot deployments. Scans for exposed credentials, open ports, weak configs, and vulnerabilities. Auto-fix mode included.
Audit codebases and infrastructure for security issues. Use when scanning dependencies for vulnerabilities, detecting hardcoded secrets, checking OWASP top 10 issues, verifying SSL/TLS, auditing file permissions, or reviewing code for injection and auth flaws.
Detect anomalies and outliers in construction data: unusual costs, schedule variances, productivity spikes. Statistical and ML-based detection methods.
无损回忆技能。对对话或会话记录做本地蒸馏,提取身份信息、偏好、任务和长期知识,剔除噪声并保留可追溯日志。
Analyze and classify agent skills for safety using local evaluation. Optionally produce a signed attestation of the vetting result.