← Back to Skills Marketplace
huoxinjiang

security-audit-assistant

by HuoXinJiang · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
101
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install security-audit-assistant
Description
Conducts lightweight security baseline audits on OpenClaw-managed servers, identifies high-risk SSH/firewall issues, and provides one-click fixes plus compli...
Usage Guidance
This skill appears to perform the stated local security checks and does not request credentials or external network access, but exercise caution before running on production servers. Specifically: - Test on a single non-production node first: run the audit in report-only mode (do not apply fixes automatically). Verify the generated recommendations are correct for your OS. - Do not run the provided fix commands blindly. Several sed replacement expressions in the packaged fixes are malformed and could corrupt sshd_config or other files and potentially lock you out of SSH. Always create a backup of affected config files (e.g., /etc/ssh/sshd_config.bak) before applying fixes. - Ensure you have console or out-of-band access (serial/console) before applying changes that restart SSH. - The SKILL.md promises "one-click fixes" but the included script only prints commands; confirm whether the skill will ever execute fixes automatically (review the runtime behavior in your OpenClaw environment). The hook permission node:exec means future updates could add auto-fix behavior—review code after updates and restrict scheduling if you don't want automated remediation. - Check OS compatibility: some fixes use apt even when centos/rhel are in supported lists. Confirm package manager commands are appropriate for the target OS before applying. - If you plan to use scheduled audits, review the cron configuration that will be created and ensure reports and any notifications go only where you expect. If you are not comfortable auditing the code yourself, run this only on staging systems or consult a sysadmin to inspect/patch the fix commands (correct sed patterns, add config backups, validate changes, add dry-run and explicit apply flags).
Capability Analysis
Type: OpenClaw Skill Name: security-audit-assistant Version: 1.0.0 The Security Audit Assistant is a legitimate security tool designed to perform CIS-inspired baseline checks on managed nodes. It uses the 'node:exec' permission to run standard diagnostic commands (e.g., grep, systemctl, stat) and identifies common misconfigurations in SSH, firewalls, and file permissions. The script (scripts/audit.js) provides remediation commands to the user in a report format rather than executing them automatically, and no evidence of data exfiltration, malicious persistence, or obfuscation was found.
Capability Assessment
Purpose & Capability
Name/description (lightweight security audit for OpenClaw-managed nodes) align with the included checks and the script. The manifest requests node:exec and cron permissions, which are appropriate for running local scans and scheduling.
Instruction Scope
SKILL.md promises 'one-click fixes' and scheduled automated audits; the shipped script only prints CLI fix commands and does not implement safe, opt-in application of fixes. Several provided fix commands are malformed (e.g. sed expressions like 's/PasswordAuthentication yes/no/' and similar), which could corrupt sshd_config or produce unexpected results and risk locking out admins. The instructions do not recommend backups, do not validate changes before restarting sshd, and provide no dry-run safeguards.
Install Mechanism
No install spec or external downloads; this is an instruction-only skill with an included script. Nothing is pulled from external URLs or registries. The HOOK declares only node:exec and system:cron, which is consistent with local execution and scheduling.
Credentials
No environment variables or external credentials requested. The skill requires sudo to perform fixes, which is expected for changing system configuration. There is no evidence of attempts to access unrelated secrets or external endpoints.
Persistence & Privilege
always:false (good). The hook requests system:cron permission which allows scheduling recurring audits—reasonable for this purpose but grants the ability to run commands on a schedule. Agent-autonomous invocation is allowed by default; combined with node:exec and cron this increases blast radius if future versions change behavior.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install security-audit-assistant
  3. After installation, invoke the skill by name or use /security-audit-assistant
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
**Initial release of Security Audit Assistant.** - Launches a lightweight, zero-install security baseline audit for OpenClaw-managed nodes. - Checks SSH, firewall, updates, passwords, unnecessary services, logging, and file permissions (~20 checks/node). - Generates human-readable reports with risk grading and one-click remediation commands. - Supports scheduled audits, multiple export formats (Markdown, JSON, plain text), and integration with OpenClaw cron. - Designed for small teams and solopreneurs needing fast, actionable server security checks and compliance-style reports.
Metadata
Slug security-audit-assistant
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is security-audit-assistant?

Conducts lightweight security baseline audits on OpenClaw-managed servers, identifies high-risk SSH/firewall issues, and provides one-click fixes plus compli... It is an AI Agent Skill for Claude Code / OpenClaw, with 101 downloads so far.

How do I install security-audit-assistant?

Run "/install security-audit-assistant" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is security-audit-assistant free?

Yes, security-audit-assistant is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does security-audit-assistant support?

security-audit-assistant is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created security-audit-assistant?

It is built and maintained by HuoXinJiang (@huoxinjiang); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments