Cybersec Helper

by mcpcentral · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
1628 Downloads · 0 Stars · 5 Active Installs · 1 Versions
Install in OpenClaw
/install cybersec-helper
Description
Help with application security review, bug bounty workflows, recon, and secure coding while keeping things ethical and scoped. Think critically, use real sources only, and reference OWASP.
README (SKILL.md)

When to use this skill

  • The user mentions security, vulnerabilities, bug bounty, hacking, CTFs, or “is this safe?”.
  • You are reviewing code, configs, or infra for security issues.
  • You are helping plan or document a bug bounty report.
  • You need to classify a vulnerability or reference security best practices.

How to behave when this skill is active

  1. Clarify scope first

    • Ask which program/target this is for.
    • Ask what is explicitly in-scope and out-of-scope.
    • Ask which environment is being tested (prod, staging, local lab).
  2. Anchor on the threat model

    • Identify assets (auth, data, business logic, infra).
    • Consider attacker goals and capabilities.
    • Map likely attack paths instead of random probing.
  3. Be ethical and legal

    • Refuse help for clearly illegal, non-consensual, or out-of-policy actions.
    • Prefer suggesting local/lab reproductions over hitting unknown production systems.
  4. Ask good questions

    • Stack and framework (frontend, backend, DB, auth).
    • Where logs/metrics are visible (helps impact analysis).
    • What the user wants right now: recon, exploit idea, fix, or report.
  5. Use real sources only — never fake data

    • OWASP Top 10 (https://owasp.org/www-project-top-ten/) for common vulnerabilities.
    • OWASP ASVS (Application Security Verification Standard) for secure coding requirements.
    • OWASP Testing Guide for testing methodologies.
    • OWASP Cheat Sheets for quick reference on specific topics.
    • CWE (Common Weakness Enumeration) for vulnerability classification (https://cwe.mitre.org/).
    • CVE databases (https://cve.mitre.org/, https://nvd.nist.gov/) for real vulnerability details.
    • exploit-db (https://www.exploit-db.com/) for proof-of-concept exploits.
    • HackerOne/Bugcrowd writeups for real-world bug bounty examples.
    • RFCs (e.g., RFC 7231 for HTTP, RFC 7519 for JWT) for protocol security.
    • Vendor security advisories for framework/library vulnerabilities.
    • Never invent CVEs, CWE IDs, or vulnerability details. If you don’t know, say so and help find the authoritative source.
  6. Think critically and independently

    • Don’t just parrot common advice — analyze whether it applies here.
    • Question assumptions. If something seems off, investigate.
    • Form your own opinions based on evidence, not just what you’ve seen before.
    • If a common practice is flawed, say so. If something is overhyped, call it out.
  7. Output style

    • Start with a short summary of the situation.
    • Reference specific OWASP categories (e.g., “A01:2021 – Broken Access Control”) when applicable.
    • Use CWE IDs when classifying vulnerabilities (e.g., CWE-79 for XSS, CWE-89 for SQL Injection).
    • Then propose a small, ordered checklist of next steps.
    • Highlight risk level and likely impact for each idea.
    • Cite your sources (OWASP, CWE, CVE, etc.) so the user can verify.
  8. Future: Notion integration for OWASP reference

    • When Notion is configured, maintain a reference database of OWASP Top 10, ASVS sections, Testing Guide methodologies, and common CWE mappings.
    • Use it to fact-check and provide authoritative guidance.
    • Keep it updated as OWASP evolves and new vulnerabilities emerge.
Usage Guidance
This skill's advice and source constraints look reasonable for a security helper, but it is configured to be always active (always:true). That means it will be present in every agent session even when security help is not requested — increasing the chance of unneeded or inappropriate behavior. Before installing:

  1. Remove or justify always:true; prefer user-invokable or conditional activation so it only runs when the user asks for security help.
  2. If you enable Notion or any other integration later, require explicit credential env vars with minimal scopes and document them in the skill manifest.
  3. Limit the agent's ability to perform active reconnaissance or network scans autonomously — keep the skill advisory-only unless you explicitly trust the agent to run actions.
  4. Monitor invocation/audit logs for unexpected uses and review the skill's metadata if future code or install specs appear.

If you want, I can suggest a safer manifest change (e.g., remove always:true and add explicit optional env entries for Notion with required scopes).
Capability Analysis
Type: OpenClaw Skill
Name: cybersec-helper
Version: 1.0.0

The skill bundle is classified as benign. The `SKILL.md` file provides clear instructions for the AI agent to act ethically, clarify scope, refuse illegal or out-of-policy actions, and prioritize local/lab reproductions over unknown production systems. It explicitly directs the agent to use only reputable security sources (OWASP, CWE, CVE) and forbids inventing vulnerability details. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, prompt injection for harmful objectives, or obfuscation.
Capability Assessment
Purpose & Capability
Name, description, and SKILL.md are consistent: the skill is an advisory/security-review assistant and asks for scope, threat model, and authoritative sources (OWASP, CWE, CVE). No binaries, env vars, or installs are requested, which is appropriate for a guidance-only skill.
Instruction Scope
SKILL.md stays within an advisory scope (asks to clarify scope, refuse illegal actions, prefer lab repros, cite OWASP/CWE). It does mention optional future Notion integration but does not request Notion credentials or declare how they would be used — that should be explicit if implemented. Overall the runtime instructions do not ask the agent to read local files or fetch credentials on their own.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest-risk delivery mechanism. Nothing on-disk will be created by an installer.
Credentials
No required environment variables, credentials, or config paths are declared — proportional to a guidance-only security skill. The mention of Notion integration is conditional and currently not requesting any secrets, but if implemented it should declare required env vars and scopes.
Persistence & Privilege
The skill is flagged always: true (and metadata embeds always:true) but its own SKILL.md restricts usage to security-relevant cases. always:true grants the skill permanent inclusion in every agent run and increases the chance it will be invoked in unrelated contexts; combined with the ability to advise on recon/exploitation (even if instructions say to be ethical), this raises the blast radius and deserves caution. Autonomous invocation is allowed by default; that alone is normal, but always:true without justification is the main issue.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install cybersec-helper
  3. After installation, invoke the skill by name or use /cybersec-helper
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of cybersec-helper – provides critical, ethical application security guidance focused on real-world sources.

  • Clarifies engagement scope and ensures ethical, legal support only.
  • Anchors analysis around threat modeling and attacker capabilities.
  • References authoritative sources only (OWASP, CWE, CVE, etc.), never invents data.
  • Produces concise security reviews with risk assessment, next steps, and cited sources.
  • Prepares for future Notion integration to offer dynamic, OWASP-driven reference guidance.
Metadata
Slug cybersec-helper
Version 1.0.0
License
All-time Installs 5
Active Installs 5
Total Versions 1
Frequently Asked Questions

What is Cybersec Helper?

Help with application security review, bug bounty workflows, recon, and secure coding while keeping things ethical and scoped. Think critically, use real sources only, and reference OWASP. It is an AI Agent Skill for Claude Code / OpenClaw, with 1628 downloads so far.

How do I install Cybersec Helper?

Run "/install cybersec-helper" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Cybersec Helper free?

Yes, Cybersec Helper is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Cybersec Helper support?

Cybersec Helper is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Cybersec Helper?

It is built and maintained by mcpcentral (@mcpcentral); the current version is v1.0.0.
