Clawsec Scanner
Skill Verifiziert AktivAutomated vulnerability scanner for agent platforms. Performs dependency scanning (npm audit, pip-audit), multi-database CVE lookup (OSV, NVD, GitHub Advisory), SAST analysis (Semgrep, Bandit), and agent-specific DAST hook execution testing for OpenClaw hooks.
To automate the detection of vulnerabilities in agent platforms, ensuring the security and integrity of agent deployments.
Funktionen
- Automated dependency scanning (npm, pip)
- CVE database integration (OSV, NVD, GitHub)
- Static code analysis (Semgrep, Bandit)
- Dynamic analysis of agent hooks (DAST)
- Unified vulnerability reporting
Anwendungsfälle
- Scanning agent platform codebases for known vulnerabilities
- Identifying security risks in project dependencies
- Detecting common SAST issues like hardcoded secrets and injection flaws
- Testing agent hooks for resilience against malicious inputs and timeouts
Nicht-Ziele
- Performing remediation actions automatically
- Scanning for runtime vulnerabilities in web applications (focus is on agent platforms)
- Providing a cloud-based vulnerability management dashboard
Installation
npx skills add prompt-security/clawsecFührt das Vercel skills CLI (skills.sh) via npx aus — benötigt Node.js lokal und mindestens einen installierten skills-kompatiblen Agent (Claude Code, Cursor, Codex, …). Setzt voraus, dass das Repo dem agentskills.io-Format folgt.
Qualitätspunktzahl
VerifiziertVertrauenssignale
Ähnliche Erweiterungen
Security Reviewer
99Identifies security vulnerabilities, generates structured audit reports with severity ratings, and provides actionable remediation guidance. Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews, dependency audits, secrets scanning, or compliance checks. Produces vulnerability reports, prioritized recommendations, and compliance checklists.
Senior Secops
98Senior SecOps engineer skill for application security, vulnerability management, compliance verification, and secure development practices. Runs SAST/DAST scans, generates CVE remediation plans, checks dependency vulnerabilities, creates security policies, enforces secure coding patterns, and automates compliance checks against SOC2, PCI-DSS, HIPAA, and GDPR. Use when conducting a security review or audit, responding to a CVE or security incident, hardening infrastructure, implementing authentication or secrets management, running penetration test prep, checking OWASP Top 10 exposure, or enforcing security controls in CI/CD pipelines.
Dependency Management
98Manage third-party libraries, runtimes, and SaaS dependencies. Use this skill when setting an update cadence, responding to security advisories, dealing with deprecated dependencies, evaluating new dependencies, auditing what's installed, or unblocking a dependency upgrade. Triggers on dependency, package update, security patch, lockfile, deprecated, breaking change, supply chain, dependency audit, npm audit, dependabot, renovate. Also triggers when a build breaks after an update or when an advisory is published for a used package.
Dependency Audit
95Dependency audit and cleanup workflow for maintaining healthy project dependencies. Use for regular maintenance, security updates, and removing unused packages.
Vector Setup
100First-run setup for ruvector@0.2.25 — installs ONNX/Brain/SONA add-ons, registers the MCP server, and verifies the install via `doctor`
Releasing Clickup Cli
100Veröffentlicht eine neue Version von clickup-cli auf npm, aktualisiert den Homebrew-Tap, schreibt Release Notes und synchronisiert den Agent-Skill. Verwenden Sie dies, wenn Sie eine neue Version veröffentlichen, die Version hochstufen oder eine Veröffentlichung überprüfen.