securityreview
Conduct thorough security audits of source code by identifying vulnerabilities such as hardcoded secrets, access control flaws, injection risks, insecure dat...
Install via ClawdBot CLI:
clawdbot install kylehuan/securityreview
Grade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Hardcoded API key or token pattern found in skill definition
AKIAIOSFODNN...
Contains telemetry, tracking, or analytics calls not mentioned in documentation
analytics.track(
Potentially destructive shell commands in tool definitions
rm -rf /
AI Analysis
The skill definition is a security auditing procedure document, not executable code. The flagged signals are examples of vulnerabilities to detect (e.g., hardcoded keys) or standard commands for analysis (e.g., `rm -rf` as a destructive pattern to warn about). There is no evidence of hidden instructions, credential harvesting, or data exfiltration.
Generated Mar 1, 2026
A financial technology company needs to ensure their payment processing API and user data handling are secure before launch. The security review would focus on PII handling, encryption standards, and access control for sensitive financial operations.
A healthcare startup building a patient portal must comply with HIPAA regulations. The security analysis would verify proper encryption of medical records, secure API endpoints, and audit logging practices to protect sensitive health information.
An online retailer needs to secure their customer checkout system and order management. The review would focus on preventing SQL injection in product databases, securing payment data, and ensuring proper access controls for order information.
A software-as-a-service company wants to strengthen their multi-tenant application security. The analysis would examine authentication flows, data isolation between customers, and API endpoint security to prevent privilege escalation attacks.
Offer specialized security code review as a consulting service to development teams. Charge per project or hourly rates for analyzing codebases and providing detailed vulnerability reports with remediation guidance.
Provide ongoing security monitoring and code review as a monthly subscription service. Integrate with development pipelines to automatically scan new code commits and provide continuous security feedback to development teams.
Partner with companies needing security certifications (SOC 2, ISO 27001, HIPAA). Provide specialized code reviews as part of compliance packages, helping clients meet regulatory requirements through documented security practices.
💬 Integration Tip
Integrate this skill into CI/CD pipelines by triggering security scans on pull requests, ensuring vulnerabilities are caught before deployment while maintaining development workflow efficiency.
Scored Apr 19, 2026
Audited Apr 16, 2026 · audit v1.0