← Back to Skills Marketplace
okikesolutions

Security Scanner Triage

by okikeSolutions · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ✓ Security Clean
132
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install security-scanner-triage
Description
Triage security/virus scanner findings for skills and automations. Use when scanner reports mixed-risk findings (defaults, credential handling, data routing,...
README (SKILL.md)

Security Scanner Triage

Workflow

  1. Normalize findings
  • Convert scanner text into discrete claims.
  • Group by category: data routing, credentials, defaults, docs mismatch, privilege/persistence.
  1. Verify against code/docs
  • Locate exact file/line evidence.
  • Mark each claim as:
    • Confirmed
    • Partially confirmed
    • Not reproducible
  1. Risk rate
  • Critical / High / Medium / Low
  • Include blast radius and exploitability notes.
  1. Remediation plan
  • Provide minimal patch order:
    1. safety first
    2. behavior/docs consistency
    3. version bump and publish notes
  1. Verification
  • Provide re-scan checklist and expected clean-state signals.

Output format

Use references/output-template.md.

Guardrails

  • Never leak secrets from .env.
  • Distinguish trust/disclosure issues from active vulnerabilities.
  • Always separate "data-routing transparency" findings from "security-impact" findings.
Usage Guidance
This is an instruction-only triage workflow and appears internally consistent. Before installing, ensure you: 1) only run it against the repository or skill bundle you intend triaged (avoid granting access to system-wide files), 2) provide the scanner output as input rather than giving blanket filesystem access, and 3) confirm the agent follows the guardrail to never read or transmit secrets (e.g., .env). If you need automated/remote triage that will inspect many repos or system files, consider adding explicit scope limits or technical controls first.
Capability Analysis
Type: OpenClaw Skill Name: security-scanner-triage Version: 0.1.0 The skill bundle is a purely instructional framework for triaging security scanner findings. It provides a structured workflow for normalizing claims, verifying evidence, and creating remediation plans using a provided template (references/output-template.md). The instructions in SKILL.md include explicit guardrails against leaking secrets from environment files and contain no malicious execution patterns or harmful prompt injection attempts.
Capability Assessment
Purpose & Capability
The skill is an instruction-only triage workflow for scanner findings and requests no env vars, binaries, or installs — this matches the described purpose.
Instruction Scope
SKILL.md stays on-topic (normalize claims, verify evidence, rate risk, remediation, re-scan checklist). It asks the agent to "locate exact file/line evidence," which is appropriate, but is somewhat open-ended about which files may be inspected; guardrails note not to leak .env secrets. Recommend limiting file scope to the target repo and published skill files to avoid accidental access to unrelated system secrets.
Install Mechanism
No install spec and no code files — lowest-risk delivery model (instruction-only).
Credentials
No environment variables, credentials, or config paths are requested. Declared guardrails explicitly instruct not to leak secrets.
Persistence & Privilege
always:false and default invocation settings; the skill does not request persistent presence or elevated platform privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install security-scanner-triage
  3. After installation, invoke the skill by name or use /security-scanner-triage
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release: clarifies routing-vs-security distinction and adds evidence/risk output structure.
Metadata
Slug security-scanner-triage
Version 0.1.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Security Scanner Triage?

Triage security/virus scanner findings for skills and automations. Use when scanner reports mixed-risk findings (defaults, credential handling, data routing,... It is an AI Agent Skill for Claude Code / OpenClaw, with 132 downloads so far.

How do I install Security Scanner Triage?

Run "/install security-scanner-triage" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Security Scanner Triage free?

Yes, Security Scanner Triage is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Security Scanner Triage support?

Security Scanner Triage is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Security Scanner Triage?

It is built and maintained by okikeSolutions (@okikesolutions); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments