security-sentinel
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
Install via ClawdBot CLI:
clawdbot install autogame-17/security-sentinel
A unified security scanner for OpenClaw workspaces. Detects vulnerabilities in dependencies (npm audit), exposed secrets (regex patterns), and unsafe file permissions.
Run a full security scan:
node skills/security-sentinel/index.js
This will output a JSON report to stdout.
If risks are detected (high/critical vulnerabilities, secrets, or bad permissions), it exits with code 1.
Options:
--skip-audit: Skip the npm audit step (faster).
--no-fail: Do not exit with code 1 even if risks are detected (useful for monitoring only).
Programmatic use (scan() returns a promise, so await it from an async context):
const sentinel = require('./skills/security-sentinel');

(async () => {
  const report = await sentinel.scan();
  if (report.status === 'risk_detected') {
    console.error('Security issues found:', report);
  }
})();
How it works:
- Runs npm audit to check package.json dependencies for known CVEs.
- Matches file contents against regex patterns for exposed secrets.
- Checks that sensitive files (package.json, .env) are not world-writable.
- Excluded from scanning: node_modules, .git, logs, temp, .openclaw/cache.
Generated Mar 1, 2026
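To make the checks and the exit-code policy described above concrete, here is an added JavaScript illustration; it is not Security Sentinel's own source. The secret regexes, the in-memory file list (with st_mode bits) and the npm audit counts are constructed for the example, and the audit result is passed in as a plain object rather than obtained by running npm.

```javascript
// Added illustration of the checks the skill describes; not Security Sentinel's source.
const EXCLUDED_DIRS = ['node_modules', '.git', 'logs', 'temp', '.openclaw/cache']; // paths the scan skips
const SENSITIVE_FILES = new Set(['package.json', '.env']); // must not be world-writable
// Constructed secret patterns: the skill's real regex list is not on the page.
const SECRET_PATTERNS = [
  { name: 'aws_access_key_id', re: /\bAKIA[0-9A-Z]{16}\b/ },
  { name: 'private_key', re: /-----BEGIN (?:RSA |EC )?PRIVATE KEY-----/ },
];
// True when any run of path segments equals an excluded dir, so nested node_modules are skipped too.
function isExcluded(relPath) {
  const parts = relPath.split('/');
  return EXCLUDED_DIRS.some((dir) => {
    const n = dir.split('/').length;
    for (let i = 0; i + n <= parts.length; i++) if (parts.slice(i, i + n).join('/') === dir) return true;
    return false;
  });
}
// One finding per matching line; the matched value itself is deliberately not copied into the report.
function findSecrets(relPath, content) {
  return content.split('\n').flatMap((text, i) =>
    SECRET_PATTERNS.filter(({ re }) => re.test(text)).map(({ name }) => ({ file: relPath, line: i + 1, pattern: name })));
}
// mode is st_mode as fs.statSync() reports it; 0o002 is the world-writable bit.
function checkPermissions(relPath, mode) {
  if (!SENSITIVE_FILES.has(relPath.split('/').pop()) || !(mode & 0o002)) return null;
  return { file: relPath, mode: (mode & 0o777).toString(8), issue: 'world-writable' };
}
// files: [{ path, content, mode }]; audit: the metadata.vulnerabilities counts of `npm audit --json`, passed in so this runs offline.
function scanWorkspace(files, audit) {
  const report = { secrets: [], permissions: [], vulnerabilities: audit };
  for (const f of files) {
    if (isExcluded(f.path)) continue;
    report.secrets.push(...findSecrets(f.path, f.content));
    const perm = checkPermissions(f.path, f.mode);
    if (perm) report.permissions.push(perm);
  }
  const severe = (audit.high || 0) + (audit.critical || 0) > 0; // low/moderate do not fail the scan
  report.status = severe || report.secrets.length || report.permissions.length ? 'risk_detected' : 'clean';
  return report;
}
// Exit policy from the page: 1 on risk_detected unless --no-fail was given.
function exitCodeFor(report, noFail = false) { return report.status === 'risk_detected' && !noFail ? 1 : 0; }
// Constructed workspace: a key in tracked code, a world-writable .env, and a PEM under node_modules (skipped).
const SAMPLE_FILES = [
  { path: 'src/config.js', mode: 0o644, content: "const key = 'AKIAABCDEFGHIJKLMNOP';\n" },
  { path: '.env', mode: 0o666, content: 'PORT=3000\n' },
  { path: 'node_modules/pkg/fixture.pem', mode: 0o644, content: '-----BEGIN RSA PRIVATE KEY-----\n' },
];
const SAMPLE_AUDIT = { info: 0, low: 1, moderate: 0, high: 0, critical: 0 }; // constructed audit summary
```

Running `scanWorkspace(SAMPLE_FILES, SAMPLE_AUDIT)` yields status risk_detected with one secret finding and one permission finding, while the PEM under node_modules is never inspected.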
Integrate Security Sentinel into CI/CD pipelines to automatically scan code repositories before deployment. This ensures vulnerabilities, exposed secrets, and misconfigurations are caught early, reducing the risk of security breaches in production environments. It's ideal for DevOps teams aiming to enforce security best practices without manual intervention.
Use Security Sentinel to regularly audit dependencies and check for exposed secrets in open-source projects. This helps maintainers identify and fix security issues promptly, enhancing project credibility and user trust. It's particularly useful for projects with frequent contributions and updates.
Deploy Security Sentinel as part of internal security audits to ensure compliance with industry standards like GDPR or HIPAA. It scans for vulnerabilities and misconfigurations in development workspaces, providing reports that can be used for regulatory documentation. This supports risk management and legal adherence in large organizations.
Incorporate Security Sentinel into coding bootcamps or university courses to teach students about security vulnerabilities and best practices. It allows hands-on experience with scanning tools, helping learners identify and mitigate risks in their projects. This fosters a security-first mindset early in development careers.
Offer Security Sentinel as a cloud-based service with tiered pricing based on scan frequency and number of repositories. This provides recurring revenue through monthly or annual subscriptions, appealing to businesses seeking scalable security solutions. It can include features like advanced reporting and integration with popular development tools.
Sell perpetual licenses or annual enterprise contracts for on-premises deployment of Security Sentinel. This model targets large organizations with strict data privacy requirements, offering customization and dedicated support. Revenue is generated through upfront license fees and ongoing maintenance contracts.
Provide a free version of Security Sentinel for basic scanning, with paid upgrades for advanced features like real-time monitoring, team collaboration, and priority support. This attracts a broad user base and converts high-value customers through upselling. Revenue comes from premium subscriptions and one-time purchases for add-ons.
Integration Tip
Integrate Security Sentinel into existing CI/CD workflows using its CLI or programmatic API to automate security checks without disrupting development processes.