← Back to Skills Marketplace
rhombusmaximus

security-sweep

by RhombusMaximus · GitHub ↗ · v1.1.2 · MIT-0
cross-platform ⚠ suspicious
136
Downloads
0
Stars
0
Active Installs
6
Versions
Install in OpenClaw
/install security-sweep
Description
Security scanner for OpenClaw skills and plugins. Scans for hardcoded secrets, dangerous exec patterns, dependency vulnerabilities, and network egress. Use w...
Usage Guidance
This skill appears to be a real scanner, but take care before running it on sensitive or third‑party code. Actions to take before using: - Inspect the scripts yourself (full-scan.sh, skill-scan.sh, quick-scan.sh) and confirm you understand what they will read and where they will write. - Do NOT use --encrypt-found on code you do not control. The feature uploads encrypted blobs to your Notion account (client-side encrypted), which still transmits ciphertext to a cloud service. - If you plan to use the Notion flow, verify the local notion-secrets.js tool is trusted and audited; store NOTION_MASTER_PASSWORD only in a secure place (and prefer interactive invocation rather than putting secrets into long-lived CI variables unless you accept the risk). - Be aware the scripts call npm audit and expect node/npm present; run them in an environment where those tools exist and where running npm audit (and potential network calls) is acceptable. - The SKILL.md suggests adding a cron job and storing report paths in agent memory — only enable that if you want periodic autonomous scans and you accept reports and their locations being recorded by the agent. If you are unsure, run scans in a disposable/isolated environment (or on a copy of the workspace) and avoid the encrypt-to-Notion and cron automation features until you’ve validated the tooling and secrets flow.
Capability Analysis
Type: OpenClaw Skill Name: security-sweep Version: 1.1.2 The 'security-sweep' skill is classified as suspicious due to a feature in `scripts/full-scan.sh` that allows for the exfiltration of discovered secrets to a remote Notion workspace via the `--encrypt-found` flag. While documented as a secure storage option in `README.md` and `references/notion-encryption.md`, this capability programmatically collects and transmits sensitive credentials (API keys, tokens) to an external service. The reliance on an external, unprovided script (`~/.openclaw/scripts/notion-secrets.js`) and the requirement for a `NOTION_MASTER_PASSWORD` environment variable create a high-risk path for sensitive data handling that lacks transparency and could be abused for unauthorized data exfiltration.
Capability Assessment
Purpose & Capability
The name/description match the included scripts: the code is a scanner for hardcoded secrets, exec/eval patterns, npm audit and network egress. That capability is coherent with the stated purpose. However the skill advertises an optional 'auto-encrypt to Notion' feature and references a local helper (notion-secrets.js) and NOTION_MASTER_PASSWORD, yet the skill metadata declares no required environment variables or credentials — a mismatch that needs explanation.
Instruction Scope
The SKILL.md and scripts instruct the agent/user to scan both workspace and built-in skill dirs (including a brew Cellar path). They also recommend an --encrypt-found path that will call a local notion-secrets.js to push encrypted blobs to Notion, and they suggest adding a cron job that schedules periodic scans and writes the report path into agent memory. These behaviors go beyond simple read-only scanning: they involve uploading findings (even if encrypted) to a cloud service and scheduling autonomous runs that can persist report locations in memory. The instructions do not clearly restrict use to only user-controlled repos and explicitly warn against using encrypt on third-party skills — but that warning is a manual step and easy to miss.
Install Mechanism
There is no install spec (instruction-only + bundled scripts), which keeps install risk low. However the scripts assume presence of system tools (grep, bash, mktemp), node and npm (they call node and npm audit), and brew is referenced in SKILL.md; none of these binaries or platform assumptions are declared in metadata. That's a minor coherence gap to surface to users.
Credentials
The code and docs reference NOTION_MASTER_PASSWORD and expect a local helper (~/.openclaw/scripts/notion-secrets.js) and a Notion integration token; yet the skill metadata lists no required env vars or credentials. Uploading found secrets to Notion (even encrypted) and requiring a master password are sensitive operations and should be explicitly declared. The number and sensitivity of these implicit secrets (Notion API token + master password) are disproportionate relative to a simple scanner unless the user explicitly opts into the Notion storage workflow.
Persistence & Privilege
The skill is not force-enabled (always: false). It does, however, include instructions to schedule periodic scans via an openclaw cron add command and to save report paths into agent memory. Scheduling autonomous periodic scans and storing report locations increases the blast radius if misused, but these actions are optional and explicit in SKILL.md. Combine this with the Notion upload flow and undeclared env use for greater caution.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install security-sweep
  3. After installation, invoke the skill by name or use /security-sweep
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.2
Fix set -u crash: scan_skill output now captured via tail -1 to isolate return values from progress printf. Fixes unbound variable error on command-center and other complex skills.
v1.1.1
Fix bash arithmetic crash on skill names with hyphens. Add missing skill-scan.sh and npm-audit.sh scripts. Fix false positive secret scanner results on .md files and tests/. Tighten secret regex to match only key=value patterns. Update stale version in SKILL.md.
v1.1.0
**Notion secrets usage instructions clarified and expanded.** - Updated secret storage workflow to require NOTION_MASTER_PASSWORD for scripting. - Added instructions for retrieving encrypted blobs with a new `get` command. - Clarified which commands need or do not need the master password. - No functional security-sweep scanner changes; documentation improvement only. - Version in SKILL.md not changed (remains 1.0.1 despite documentation update).
v1.0.2
- Added detailed warnings and documentation to the SKILL.md section on secret encryption, including implications of using the --encrypt-found flag and the importance of securely storing the master password. - No changes to core functionality; updates are limited to documentation for improved user safety and clarity. - Version field in SKILL.md set to 1.0.1 (note: version file and release tag remain 1.0.2).
v1.0.1
- Added auto-encryption of detected secrets to Notion using the user's encrypted secrets store; plain-text secrets are never stored. - Updated the documentation with setup and usage instructions for Notion-based secret storage and encryption. - Added README.md and references/notion-encryption.md with guidance for Notion encryption. - Removed quick-scan.sh script; quick scans are now referenced in documentation but not included as a script. - Revised risk categories and publishing checklist to include encryption requirement and improved security workflow.
v1.0.0
- Initial release of the security-sweep skill for OpenClaw. - Scans skills/plugins for hardcoded secrets, dangerous exec patterns, dependency vulnerabilities, potential network egress, and input injection risks. - Provides workflows for full, quick, single-skill, and npm audit scans. - Categorizes findings by severity with recommended actions for each risk level. - Generates and saves detailed security reports; supports periodic scanning via cron. - Includes best practices for auditing and publishing skills to ClawHub.
Metadata
Slug security-sweep
Version 1.1.2
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 6
Frequently Asked Questions

What is security-sweep?

Security scanner for OpenClaw skills and plugins. Scans for hardcoded secrets, dangerous exec patterns, dependency vulnerabilities, and network egress. Use w... It is an AI Agent Skill for Claude Code / OpenClaw, with 136 downloads so far.

How do I install security-sweep?

Run "/install security-sweep" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is security-sweep free?

Yes, security-sweep is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does security-sweep support?

security-sweep is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created security-sweep?

It is built and maintained by RhombusMaximus (@rhombusmaximus); the current version is v1.1.2.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments