← Back to Skills Marketplace

VeridicusScan MCP Analyst

Name: VeridicusScan MCP Analyst
Author: sabaaziz991-hash

by sabaaziz991-hash · GitHub ↗ · v0.1.5 · MIT-0

cross-platform ✓ Security Clean

289

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install veridicusscan-mcp-analyst

Description

Use when the user wants to inspect a prompt, local file, or public HTTPS URL with VeridicusScan through its MCP bridge, triage prompt-injection or hidden-ins...

Usage Guidance

This skill appears coherent for use with a local VeridicusScan MCP bridge. Before installing or invoking it: (1) Confirm your client/runtime provides a local MCP bridge and that you trust that process — the skill will direct prompts/files to that bridge for scanning. If the bridge is remote or managed by a third party, sensitive data could leave your environment. (2) Ensure you understand how the client discovers/authenticates the MCP bridge (the skill itself declares no credentials). (3) Note that allow_implicit_invocation may let the agent suggest this skill automatically — if you want explicit consent for every use, review platform invocation policies. If you need, provide the MCP bridge's connection details or the client's documentation so the skill can be evaluated in context.

Capability Analysis

Type: OpenClaw Skill Name: veridicusscan-mcp-analyst Version: 0.1.5 The VeridicusScan MCP Analyst skill is a security-focused tool designed to scan URLs, files, and prompts for threats and implement runtime-defense guardrails (e.g., tool scoping and plan guarding). The skill includes explicit security features such as blocking non-public network URLs to prevent SSRF and provides structured workflows for triage and reporting. No evidence of malicious intent, data exfiltration, or unauthorized execution was found across the SKILL.md, agents/openai.yaml, or references/mcp-methods.md files.

Capability Assessment

✓ Purpose & Capability

The name/description (MCP analyst for VeridicusScan) aligns with the instructions: methods like scan_url, scan_file, scan_text, and runtime-defense flows are all relevant and expected. The skill does not request unrelated credentials, binaries, or system paths.

ℹ Instruction Scope

The SKILL.md expects a local VeridicusScan MCP bridge to be available and instructs the agent to call MCP methods (open_session, scan_file, scan_url, scan_text, etc.). This is coherent, but the instructions assume the client runtime provides those MCP methods and file-access plumbing; the skill does not declare how the bridge is discovered or authenticated. Verify the host/client MCP connector's behavior (local vs remote) before sending sensitive files or secrets.

✓ Install Mechanism

Instruction-only skill with no install spec and no code files — minimal disk footprint and no automatic downloads. Low install risk.

✓ Credentials

No environment variables, credentials, or config paths are requested. That matches the skill's role as a connector to an existing MCP bridge rather than a standalone service requiring secrets.

ℹ Persistence & Privilege

always:false and no install actions. The agents/openai.yaml sets allow_implicit_invocation: true, which permits implicit invocation when the platform's policy allows it. This is not inherently problematic but users should be aware the skill can be suggested/selected by the agent if the platform permits implicit invocation.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install veridicusscan-mcp-analyst
After installation, invoke the skill by name or use /veridicusscan-mcp-analyst
Provide required inputs per the skill's parameter spec and get structured output

Version History

v0.1.5

Add a public technical reference for MCP sessions, runtime guardrails, and local automation workflows.

v0.1.4

Add a public recruiting workflow example that points to the Veridicus Scan AI job application screening guide.

v0.1.3

Clarify runtime-defense coverage, public-URL limits, sanitized_only handling, and align implicit invocation metadata with the published registry behavior.

v0.1.2

Add the VeridicusScan App Store link to the skill and repository description.

v0.1.1

Clarify that the skill scans for prompt-injection and hidden-instruction risks with VeridicusScan MCP.

v0.1.0

Initial public release of the VeridicusScan MCP analyst skill.

Metadata

Slug veridicusscan-mcp-analyst

Version 0.1.5

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 6

Frequently Asked Questions

What is VeridicusScan MCP Analyst?

Use when the user wants to inspect a prompt, local file, or public HTTPS URL with VeridicusScan through its MCP bridge, triage prompt-injection or hidden-ins... It is an AI Agent Skill for Claude Code / OpenClaw, with 289 downloads so far.

How do I install VeridicusScan MCP Analyst?

Run "/install veridicusscan-mcp-analyst" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is VeridicusScan MCP Analyst free?

Yes, VeridicusScan MCP Analyst is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does VeridicusScan MCP Analyst support?

VeridicusScan MCP Analyst is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created VeridicusScan MCP Analyst?

It is built and maintained by sabaaziz991-hash (@sabaaziz991-hash); the current version is v0.1.5.

More Skills