From agi-super-team
Security auditing for Clawdbot deployments: scans for exposed credentials, open ports, weak configs, and vulnerabilities. Auto-fix mode included.
How this skill is triggered — by the user, by Claude, or both
Slash command
/agi-super-team:security-auditThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Run a security audit to identify vulnerabilities in your Clawdbot setup before deployment or on a schedule. Use auto-fix to remediate common issues automatically.
Run a security audit to identify vulnerabilities in your Clawdbot setup before deployment or on a schedule. Use auto-fix to remediate common issues automatically.
No external dependencies required. Uses native system tools where available.
node skills/security-audit/scripts/audit.cjs
node skills/security-audit/scripts/audit.cjs --full
node skills/security-audit/scripts/audit.cjs --fix
node skills/security-audit/scripts/audit.cjs --credentials # Check for exposed API keys
node skills/security-audit/scripts/audit.cjs --ports # Scan for open ports
node skills/security-audit/scripts/audit.cjs --configs # Validate configuration
node skills/security-audit/scripts/audit.cjs --permissions # Check file permissions
node skills/security-audit/scripts/audit.cjs --docker # Docker security checks
node skills/security-audit/scripts/audit.cjs --full --json > audit-report.json
The audit produces a report with:
| Level | Description |
|---|---|
| 🔴 CRITICAL | Immediate action required (exposed credentials) |
| 🟠 HIGH | Significant risk, fix soon |
| 🟡 MEDIUM | Moderate concern |
| 🟢 INFO | FYI, no action needed |
The --fix option automatically:
security-monitor - Real-time monitoring (available separately)npx claudepluginhub aaaaqwq/agi-super-team --plugin agi-super-teamSecurity auditing for Clawdbot deployments: scans for exposed credentials, open ports, weak configs, and vulnerabilities. Auto-fix mode included.
Audits OpenClaw configurations for security vulnerabilities, misconfigurations, secret leaks, and over-privileged agents. Produces structured JSON reports with risk scores and remediation steps.
Performs full security audits scanning for hardcoded secrets, vulnerable dependencies, IAM misconfigs, auth flaws, SQL injection, XSS, HTTPS issues, rate limiting, public storage exposures.