Skill

security-audit

From sundial-org-awesome-openclaw-skills-4

Audits Clawdbot deployments for exposed credentials, open ports, weak configs, file permissions, Docker issues, and vulnerabilities. Includes auto-fix and CLI-targeted scans.

Node

Docker

Bash

security

Install

npx claudepluginhub joshuarweaver/cascade-ai-ml-agents-misc-2 --plugin sundial-org-awesome-openclaw-skills-4

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Run a security audit to identify vulnerabilities in your Clawdbot setup before deployment or on a schedule. Use auto-fix to remediate common issues automatically.

Supporting Assets

scripts/audit.cjs

SKILL.md

Similar Skills

cache-components

Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.

cache-components

139.2k

mcp-builder

9 files

Guides building MCP servers enabling LLMs to interact with external services via tools. Covers best practices, TypeScript/Node (MCP SDK), Python (FastMCP).

anthropics-skills-13

124.2k

canvas-design

20 files

Generates original PNG/PDF visual art via design philosophy manifestos for posters, graphics, and static designs on user request.

anthropics-skills-13

124.2k

Stats

Stars586

Forks75

Last CommitFeb 1, 2026

Actions

View Source View Plugin View on GitHub View README

Security Audit Skill

When to use

Run a security audit to identify vulnerabilities in your Clawdbot setup before deployment or on a schedule. Use auto-fix to remediate common issues automatically.

Setup

No external dependencies required. Uses native system tools where available.

How to

Quick audit (common issues)

node skills/security-audit/scripts/audit.cjs

Full audit (comprehensive scan)

node skills/security-audit/scripts/audit.cjs --full

Auto-fix common issues

node skills/security-audit/scripts/audit.cjs --fix

Audit specific areas

node skills/security-audit/scripts/audit.cjs --credentials      # Check for exposed API keys
node skills/security-audit/scripts/audit.cjs --ports            # Scan for open ports
node skills/security-audit/scripts/audit.cjs --configs          # Validate configuration
node skills/security-audit/scripts/audit.cjs --permissions      # Check file permissions
node skills/security-audit/scripts/audit.cjs --docker           # Docker security checks

Generate report

node skills/security-audit/scripts/audit.cjs --full --json > audit-report.json

Output

The audit produces a report with:

Level	Description
🔴 CRITICAL	Immediate action required (exposed credentials)
🟠 HIGH	Significant risk, fix soon
🟡 MEDIUM	Moderate concern
🟢 INFO	FYI, no action needed

Checks Performed

Credentials

API keys in environment files
Tokens in command history
Hardcoded secrets in code
Weak password patterns

Ports

Unexpected open ports
Services exposed to internet
Missing firewall rules

Configs

Missing rate limiting
Disabled authentication
Default credentials
Open CORS policies

Files

World-readable files
Executable by anyone
Sensitive files in public dirs

Docker

Privileged containers
Missing resource limits
Root user in container

Auto-Fix

The --fix option automatically:

Sets restrictive file permissions (600 on .env)
Secures sensitive configuration files
Creates .gitignore if missing
Enables basic security headers

Related skills

security-monitor - Real-time monitoring (available separately)