← Back to Skills Marketplace
fortunto2

Audit

by Rust · GitHub ↗ · v1.4.1
cross-platform ⚠ suspicious
726
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install solo-audit
Description
Health check knowledge base for broken links, missing frontmatter, tag inconsistencies, and coverage gaps. Use when user says "audit KB", "check frontmatter"...
Usage Guidance
This skill appears to do what it says: scan markdown files for frontmatter, links, tags, orphans, and coverage gaps. Before installing/using it, note two practical cautions: (1) it may execute any link-checker scripts found in your repo (it runs Bash and project scripts if present) — only run it against repositories you trust or run it inside a sandbox/container; (2) confirm what the listed tool mcp__solograph__kb_search is in your environment (it may call an internal search helper). No credentials or external downloads are requested. If you want extra safety, run the audit manually or review the audit output before applying any automated fixes.
Capability Analysis
Type: OpenClaw Skill Name: solo-audit Version: 1.4.1 The skill bundle is classified as suspicious due to a critical arbitrary code execution vulnerability. In SKILL.md, Step 4 instructs the AI agent to 'run it as well' if a script named `scripts/check_links.py` exists in the project. Given that `Bash` is an `allowed-tool`, this instruction allows for the execution of arbitrary code present in the user's project, creating a prompt injection vulnerability that leads to remote code execution (RCE). While the skill bundle itself does not contain malicious payloads, it provides a mechanism for an attacker (or a compromised project) to execute arbitrary commands via the agent.
Capability Assessment
Purpose & Capability
Name/description match the instructions: the SKILL.md describes finding .md files, checking frontmatter, tags, links, orphans, and coverage—all appropriate for a knowledge-base audit. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Instructions are focused on KB content and use Read, Grep, Glob, Bash and an internal search tool to analyze markdown files. The SKILL.md also says 'if a link-checking script exists in the project, run it' — this will execute project-supplied scripts if present, which is within audit scope but means the agent can run arbitrary code from the repository. Users should be aware of that execution risk.
Install Mechanism
No install spec and no code files — instruction-only. Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill requires no environment variables, credentials, or config paths. Requested access is limited to repository files and optional local scripts, which is proportional to an audit task.
Persistence & Privilege
always is false and the skill does not request elevated or persistent privileges. It can be invoked autonomously (default), which is normal; there's no evidence of modifications to other skills or global agent settings.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install solo-audit
  3. After installation, invoke the skill by name or use /solo-audit
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.4.1
Universalize: remove project-specific references, add SearXNG recommendation
v1.4.0
Initial ClawHub release
Metadata
Slug solo-audit
Version 1.4.1
License
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is Audit?

Health check knowledge base for broken links, missing frontmatter, tag inconsistencies, and coverage gaps. Use when user says "audit KB", "check frontmatter"... It is an AI Agent Skill for Claude Code / OpenClaw, with 726 downloads so far.

How do I install Audit?

Run "/install solo-audit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Audit free?

Yes, Audit is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Audit support?

Audit is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Audit?

It is built and maintained by Rust (@fortunto2); the current version is v1.4.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments