← Back to Skills Marketplace
dmx64

Security Scanner

by dmx · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
10841
Downloads
4
Stars
118
Active Installs
1
Versions
Install in OpenClaw
/install security-scanner
Description
Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure. Use when you need to scan targets for vulnerabilities, check SSL certificates, find open ports, detect misconfigurations, or perform security audits. Integrates with nmap, nuclei, and other security tools.
Usage Guidance
Install only if you intend to perform authorized security testing. Treat every command as active probing: limit targets to owned or written-approved assets, prefer conservative scan options first, and avoid running examples unchanged against public third-party systems.
Capability Analysis
Type: OpenClaw Skill Name: security-scanner Version: 1.0.0 The skill bundle defines a security scanner that utilizes common, legitimate security tools such as nmap, nuclei, sslscan, nikto, and testssl.sh. The instructions in SKILL.md are clear, directly align with the stated purpose of vulnerability scanning, and include ethical guidelines for responsible use. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, obfuscation, or prompt injection attempts designed to subvert the agent for harmful activities. The network and file access are inherent to the functionality of a security scanning tool.
Capability Assessment
Purpose & Capability
The described use of nmap, nuclei, nikto, sslscan, and testssl.sh is coherent with a vulnerability-scanning skill and no unrelated capability, exfiltration, obfuscation, or destructive behavior is evidenced.
Instruction Scope
The skill gives actionable active-scanning commands; an ethics section is disclosed, but stronger authorization gating near the examples would reduce misuse risk.
Install Mechanism
No evidence was supplied or found indicating install-time execution, hidden setup behavior, package hooks, or unexpected dependency behavior.
Credentials
Network probing is inherent to the stated purpose, but active scans can affect third-party systems if users provide unauthorized targets.
Persistence & Privilege
No persistence mechanism, privilege escalation, credential harvesting, session reuse, or background worker behavior is evidenced.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install security-scanner
  3. After installation, invoke the skill by name or use /security-scanner
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release - nmap, nuclei, SSL scanning
Metadata
Slug security-scanner
Version 1.0.0
License
All-time Installs 358
Active Installs 118
Total Versions 1
Frequently Asked Questions

What is Security Scanner?

Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure. Use when you need to scan targets for vulnerabilities, check SSL certificates, find open ports, detect misconfigurations, or perform security audits. Integrates with nmap, nuclei, and other security tools. It is an AI Agent Skill for Claude Code / OpenClaw, with 10841 downloads so far.

How do I install Security Scanner?

Run "/install security-scanner" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Security Scanner free?

Yes, Security Scanner is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Security Scanner support?

Security Scanner is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Security Scanner?

It is built and maintained by dmx (@dmx64); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments