mobb-vulnerabilities-fixer

Scan, fix, and remediate security vulnerabilities in a local code repository using Mobb MCP/CLI. Use when the user asks to scan for vulnerabilities, run a security check, auto-fix issues, remediate findings, or apply Mobb fixes (e.g., "scan this repo", "fix security issues", "remediate vulnerabilities", "run Mobb on my changes").
Install via ClawdBot CLI:
clawdbot install mobb-vulnerabilities-fixer

Use Mobb MCP scan-and-fix behavior to identify security issues in a local repo and apply the generated patches. Follow the MCP workflow exactly, including file selection, pagination, and rescan rules.
Use an absolute path to the repository root. Reject paths that contain traversal patterns such as "..". If the user gives "." (the current directory) and a workspace root is known, use that root.
Prefer API_KEY in the environment. If missing or invalid, inform the user a browser window will open for Mobb login and authorization, then proceed once authenticated. If the user has no account, instruct them to create one and generate an API key. See references/mobb-auth.md.
Do not install or launch MCP yourself. Ask the user to start the Mobb MCP server on their machine using their approved process and confirm it is running before you proceed.
Invoke the MCP tool scan_and_fix_vulnerabilities with the repository path. Use optional parameters only when the user explicitly asks.
Required parameter:
path: absolute path to the repository root

Optional parameters:
offset: pagination offset for additional fixes
limit: maximum number of fixes to return (default is 3)
maxFiles: scan up to N recently changed files (default is 10); setting this triggers a fresh scan
rescan: force a full rescan; only when the user explicitly asks
scanRecentlyChangedFiles: when true and no git changes are found, scan recently changed files from history

If the tool returns patches, summarize what will change and ask the user to confirm before applying. Apply patches exactly as provided, modify nothing else, and explain the changes after applying. If a patch cannot be applied, report the exact conflict and continue with the other patches the user approved.
Do not rescan or fetch additional pages of fixes unless the user explicitly asks. If more fixes are available, inform the user how to request the next page.
Use when the user wants a summary of available fixes without uploading/scanning or applying patches.
Call fetch_available_fixes with:
path: absolute path to the repo root
offset and limit: optional pagination
fileFilter: optional list of relative paths to filter fixes
fetchFixesFromAnyFile: optional boolean to fetch fixes for all files

fileFilter and fetchFixesFromAnyFile are mutually exclusive. If neither is provided, the tool filters to files with git status changes.
Call check_for_new_available_fixes once at the end of a session after edits/tests, or when the user explicitly asks to check for fresh fixes.
Behavior notes:
origin remote.
If scanRecentlyChangedFiles is true (or maxFiles is set), scan recently changed files from git history.
If no changed files are detected, explain the situation and offer a follow-up scan using scanRecentlyChangedFiles and/or maxFiles, but do not run it unless explicitly requested.
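The path rule, the parameter lists for scan_and_fix_vulnerabilities and fetch_available_fixes, and the "summarize before you apply" step above are the points an agent driving Mobb gets wrong most easily. The following is an added example, not code from Mobb or from this skill: client-side guards that enforce those rules before anything reaches the MCP server. The tool and parameter names are the ones listed on this page; the helper names, the full-page pagination heuristic in next_offset, and the sample patch are assumptions constructed for illustration.

```python
"""Client-side guardrails for driving the Mobb MCP tools from an agent.
Added example, not Mobb's own code. It encodes rules stated in the skill text:
absolute repo path with no traversal, optional scan parameters only when the
user explicitly asks, fileFilter and fetchFixesFromAnyFile mutually exclusive,
and a per-file summary of a patch before asking the user to confirm.
"""
from __future__ import annotations

import os

SCAN_LIMIT_DEFAULT = 3  # server-side default for `limit`, from the skill text
SCAN_OPTIONS = {"offset", "limit", "maxFiles", "rescan", "scanRecentlyChangedFiles"}


def resolve_repo_path(user_path: str, workspace_root: str | None = None):
    """Return (absolute_root, None) on success or (None, reason) on rejection."""
    if user_path == ".":
        if workspace_root is None:
            return None, "'.' given but no workspace root is known"
        user_path = workspace_root
    # Check traversal on the raw string: normpath would silently collapse "..".
    if ".." in user_path.replace("\\", "/").split("/"):
        return None, f"traversal segment in path: {user_path!r}"
    if not os.path.isabs(user_path):
        return None, f"path is not absolute: {user_path!r}"
    return os.path.normpath(user_path), None


def build_scan_args(repo_root: str, explicit: dict | None = None) -> dict:
    """Arguments for scan_and_fix_vulnerabilities: forward only options the user
    explicitly asked for, so the server defaults (limit 3, maxFiles 10) apply
    otherwise and the agent never triggers a fresh scan by sending maxFiles itself."""
    args = {"path": repo_root}
    for key, value in (explicit or {}).items():
        if key not in SCAN_OPTIONS:
            raise ValueError(f"unknown scan option {key!r}")
        args[key] = value
    return args


def build_fetch_args(repo_root: str, *, offset: int | None = None,
                     limit: int | None = None,
                     file_filter: list[str] | None = None,
                     fetch_from_any_file: bool | None = None) -> dict:
    """Arguments for fetch_available_fixes, enforcing the mutual exclusion."""
    if file_filter is not None and fetch_from_any_file is not None:
        raise ValueError("fileFilter and fetchFixesFromAnyFile are mutually exclusive")
    args: dict = {"path": repo_root}
    if offset is not None:
        args["offset"] = offset
    if limit is not None:
        args["limit"] = limit
    if file_filter is not None:
        for rel in file_filter:  # entries are repo-relative; keep them that way
            if os.path.isabs(rel) or ".." in rel.split("/"):
                raise ValueError(f"fileFilter entry must be relative, no traversal: {rel!r}")
        args["fileFilter"] = list(file_filter)
    if fetch_from_any_file is not None:
        args["fetchFixesFromAnyFile"] = fetch_from_any_file
    return args


def next_offset(offset: int | None, limit: int | None, returned: int) -> int | None:
    """Offset to suggest for the next page, or None when the page came back short.
    Assumption (not documented by Mobb): a full page means more fixes may exist."""
    page = limit if limit is not None else SCAN_LIMIT_DEFAULT
    return None if returned < page else (offset or 0) + page


def summarize_patch(diff_text: str) -> list[tuple[str, int, int]]:
    """(file, lines added, lines removed) per file of a git-format unified diff.
    Only lines inside "@@" hunks are counted, so "+++"/"---" headers are never
    mistaken for changes and a removed line starting with "--" is still a removal."""
    summary: dict[str, list[int]] = {}
    current, in_hunk = None, False
    for line in diff_text.splitlines():
        if line.startswith("diff --git"):
            in_hunk = False
        elif not in_hunk and line.startswith("+++ "):
            target = line[4:].split("\t")[0]
            current = target[2:] if target.startswith("b/") else target
            summary.setdefault(current, [0, 0])
        elif line.startswith("@@"):
            in_hunk = True
        elif in_hunk and current is not None:
            if line.startswith("+"):
                summary[current][0] += 1
            elif line.startswith("-"):
                summary[current][1] += 1
    return [(f, a, r) for f, (a, r) in summary.items()]


# Constructed sample, not Mobb output: a concatenated SQL query made parameterized.
SAMPLE_PATCH = """\
diff --git a/app/db.py b/app/db.py
--- a/app/db.py
+++ b/app/db.py
@@ -1,3 +1,3 @@
 def find_user(conn, name):
-    query = "SELECT * FROM users WHERE name = '" + name + "'"
-    return conn.execute(query).fetchone()
+    query = "SELECT * FROM users WHERE name = ?"
+    return conn.execute(query, (name,)).fetchone()
"""
```

summarize_patch(SAMPLE_PATCH) gives the per-file line counts an agent can show the user before asking for confirmation; the actual application step should stay "exactly as provided", which in practice means a dry run with git apply --check first and reporting its output verbatim as the conflict when it fails. The traversal check runs on the raw string on purpose: normalizing first would turn /srv/../etc into /etc and hide the attempt.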
references/mcp-scan-fix.md: MCP scan-and-fix, fetch, and monitoring tool details
references/mobb-auth.md: authentication and login flow details

Generated Mar 1, 2026
A software development team integrates Mobb into their CI/CD pipeline to automatically scan pull requests for security vulnerabilities before merging. The tool identifies issues in changed files, suggests fixes, and allows developers to apply patches with approval, reducing manual review time and preventing vulnerabilities from reaching production.
A financial services company uses Mobb to audit and fix security vulnerabilities in an older, monolithic codebase. By scanning recently changed files from git history, the tool focuses on the code that is actively being touched, generates patches for critical issues like SQL injection or cross-site scripting, and helps the team remediate systematically without disrupting ongoing development.
A healthcare organization employs Mobb to support compliance with regulatory standards like HIPAA by scanning for vulnerabilities before audits. The tool provides summaries of available fixes, allowing security teams to document remediation efforts and apply patches to sensitive data-handling code with explicit consent, maintaining compliance records.
An open-source community uses Mobb to monitor and fix security vulnerabilities in their public repositories. Contributors run scans on local clones, apply patches after community review, and use the fetch available fixes feature to track issues without uploading code, enhancing project security and trust among users.
Offer Mobb as a cloud-based service with tiered pricing based on scan frequency, repository size, or number of users. Revenue comes from monthly or annual subscriptions, with premium features like advanced reporting and priority support, targeting enterprises needing scalable security solutions.
Sell perpetual licenses or annual contracts to large organizations for on-premises deployment of Mobb, including custom integrations and dedicated support. Revenue is generated through upfront license fees and ongoing maintenance costs, appealing to industries with strict data privacy requirements.
Provide a free version of Mobb for individual developers or small teams with basic scanning capabilities, then upsell to paid plans for advanced features like automated fixes, team collaboration tools, and compliance reporting. Revenue streams include upgrades and add-ons for enhanced functionality.
💬 Integration Tip
Ensure the Mobb MCP server is running locally before initiating scans, and always obtain explicit user consent before applying patches to avoid unintended code changes.