
Security Auditor

by jgarrison929 · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
Downloads 26392
Stars 44
Active Installs 309
Versions 1
Install in OpenClaw
/install security-auditor
Description
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
Usage Guidance
Install this if you want an agent to help with security reviews. Treat its command suggestions, such as dependency audits, as actions to approve deliberately, especially when reviewing sensitive auth or environment-related files.
Capability Analysis
Type: OpenClaw Skill
Name: security-auditor
Version: 1.0.0
The skill bundle is designed to equip an AI agent with the knowledge and processes to perform security audits. The `SKILL.md` file provides extensive guidance on secure coding practices, OWASP Top 10 vulnerabilities, security headers, input validation, authentication best practices, and dependency security. All code examples clearly differentiate between insecure and secure patterns, serving an educational purpose. There is no evidence of malicious intent, data exfiltration, unauthorized execution, persistence, or prompt injection aimed at subverting the agent's intended function; instead, it explicitly promotes secure development and auditing practices.
Capability Assessment
Purpose & Capability
The stated purpose is security auditing and secure coding review, and the artifact is a single SKILL.md containing OWASP checklists, secure/insecure examples, and report formatting guidance.
Instruction Scope
The instructions stay within security review guidance and do not ask the agent to override user intent, hide actions, exfiltrate data, or run unrelated commands.
Install Mechanism
No install script, executable helper, package dependency, required binary, or environment variable is present; the bundle contains only SKILL.md.
Credentials
The skill may guide review of sensitive files such as auth config and .env patterns, and suggests dependency-audit commands, which is expected for a user-directed security audit.
Persistence & Privilege
No persistence mechanism, background worker, privilege escalation, credential/session use, or long-running behavior is present.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install security-auditor
  3. After installation, invoke the skill by name or use /security-auditor
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release – comprehensive security audit and secure coding skill.
  - Provides actionable code review for security vulnerabilities and OWASP Top 10 risks.
  - Includes checklists and code patterns for authentication, CORS/CSP headers, input validation, XSS, SQL injection, secrets handling, and more.
  - Offers recommended secure code snippets and sample security headers.
  - Details best practices for dependency scanning, output formatting, and secure architecture review.
  - Supports structured output for clear, actionable security audit results.
Metadata
Slug security-auditor
Version 1.0.0
License
All-time Installs 851
Active Installs 309
Total Versions 1
Frequently Asked Questions

What is Security Auditor?

Security Auditor is a skill to use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review. It is an AI Agent Skill for Claude Code / OpenClaw, with 26392 downloads so far.

How do I install Security Auditor?

Run "/install security-auditor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Security Auditor free?

Yes, Security Auditor is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Security Auditor support?

Security Auditor is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Security Auditor?

It is built and maintained by jgarrison929 (@jgarrison929); the current version is v1.0.0.
