← 返回 Skills 市场
84
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install security-auditor-x
功能描述
Perform comprehensive security audits on codebases, infrastructure configs, API designs, and architecture documents. Use this skill whenever the user wants t...
安全使用建议
This skill appears to be what it says: an instruction-only security auditor. Before using it, avoid pasting production secrets, API keys, or private certificates into code or config snippets — instead sanitize or redact sensitive values and run audits on copies. Be aware the skill's trigger phrases are broad; if you are concerned about automatic invocation, restrict when it's allowed or require explicit user consent before running. Finally, review any findings before applying recommended changes and, when possible, run automated checks on a non-production copy of your code/configs.
功能分析
Type: OpenClaw Skill
Name: security-auditor-x
Version: 1.0.5
The skill bundle contains only metadata and markdown instructions (SKILL.md) designed to guide an AI agent in performing security audits. It lacks any executable code, data exfiltration logic, or malicious instructions. The content is entirely consistent with its stated purpose of providing structured security reviews and remediation advice.
能力评估
Purpose & Capability
Name, description, and SKILL.md all describe a security audit capability and the skill does not request any unrelated binaries, environment variables, or installs. The lack of required resources is proportionate for an instruction-only audit helper that expects the user to supply artifacts to review.
Instruction Scope
The audit process and finding format are well-scoped and appropriate for the stated purpose. Two points to note: the skill's trigger guidance is broad ('trigger on phrases... even if the word "audit" isn't used'), which may cause more frequent/autonomous invocation if the agent's trigger logic is permissive; and the SKILL.md encourages including code/config snippets as evidence — users should avoid pasting secrets or production credentials into snippets.
Install Mechanism
No install spec or code files are present (instruction-only), so there is no download/execution risk from an installer.
Credentials
The skill declares no required environment variables, credentials, or config paths. That matches the described functionality (it analyzes artifacts provided by the user) and is proportionate.
Persistence & Privilege
always:false (default) and autonomous invocation is allowed (also default). Autonomous invocation is expected for skills, but because the trigger list is broad, consider whether you want the agent to be allowed to invoke this skill automatically in your environment.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install security-auditor-x - 安装完成后,直接呼叫该 Skill 的名称或使用
/security-auditor-x触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.5
Updated release
v1.0.0
Initial release
元数据
常见问题
Security Auditor X 是什么?
Perform comprehensive security audits on codebases, infrastructure configs, API designs, and architecture documents. Use this skill whenever the user wants t... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 84 次。
如何安装 Security Auditor X?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install security-auditor-x」即可一键安装,无需额外配置。
Security Auditor X 是免费的吗?
是的,Security Auditor X 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Security Auditor X 支持哪些平台?
Security Auditor X 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Security Auditor X?
由 leewest0(@leewest0)开发并维护,当前版本 v1.0.5。
推荐 Skills