Ejecuta cualquier Skill en Manus
con un clic

Ejecuta cualquier Skill en Manus con un clic

security-scanner

Full-stack security audit for OpenClaw's Node.js ecosystem: npm audit for CVEs, Snyk for supply chain, ESLint security plugin for code patterns, OWASP dependency check, and AI review of the 60-repo portfolio for systemic vulnerabilities. Generates SECURITY_REPORT.md. Adapted from ZeroClaw's comprehensive security-scanner, tuned for Node.js/TypeScript and multi-repo portfolios.

Ejecutar en Manus

Resumen

Comando de instalación

npx skills add https://github.com/mk-knight23/AI-Agent-OpenClaw --skill security-scanner

Copia y pega este comando en Claude Code para instalar la habilidad

Fuente

mk-knight23/AI-Agent-OpenClaw

Estrellas0

Forks0

Actualizado10 de marzo de 2026, 00:13

SKILL.md

readonly

name	security-scanner
description	Full-stack security audit for OpenClaw's Node.js ecosystem: npm audit for CVEs, Snyk for supply chain, ESLint security plugin for code patterns, OWASP dependency check, and AI review of the 60-repo portfolio for systemic vulnerabilities. Generates SECURITY_REPORT.md. Adapted from ZeroClaw's comprehensive security-scanner, tuned for Node.js/TypeScript and multi-repo portfolios.

security-scanner

Ecosystem-wide security audit — CVEs, supply chain, code patterns, portfolio scanning.

Usage

@OpenClaw security-scanner --full
@OpenClaw security-scanner --portfolio        # Scan all 60 repos for CVEs
@OpenClaw security-scanner --repo ./target    # Audit a single repository
@OpenClaw security-scanner --fail-on critical # CI gate: fail only on CRITICAL

What It Checks

1. Known CVEs — `npm audit` + OWASP

Direct + transitive dependency scan against npm advisory DB
OWASP Dependency-Check for non-npm deps (Python scripts, CLI tools)
Each finding: CVE ID, CVSS score, affected package, fix

2. Supply Chain — Snyk

License policy enforcement (GPL-3.0, AGPL blocklist)
Typosquatting detection (flags expressjs vs express)
Malicious package patterns (dependency confusion)

3. Code Security — ESLint + Semgrep

Injection: SQL, shell, path traversal
Hardcoded secrets (API keys, tokens, passwords)
Dangerous functions: eval, exec, deserialize
Authentication bypass patterns

4. Portfolio Scan (OpenClaw-Specific)

Scans all repositories in the 60-repo matrix
Identifies shared vulnerable dependencies across repos
Prioritizes: which repos are in production vs. experimental
Generates unified report with cross-repo impact analysis

Files Created

SECURITY_REPORT.md          # Full report with severity + remediation
security_audit.json         # Machine-readable for CI artifacts
portfolio_security.md       # Cross-repo vulnerability map

CI Gate Integration

# .github/workflows/security-gate.yml
- name: OpenClaw Security Scan
  run: openclaw security-scanner --full --fail-on critical

Philosophy

With 60 repositories to manage, a single vulnerable shared dependency can cascade. Portfolio-level scanning catches these systemic risks before they become incidents.

Más de este repositorio

mismo repositorio

claw-ecosystem

mk-knight23/AI-Agent-OpenClaw

This skill should be used when the user asks to "start all claws", "start claw gateways", "run all gateways", "start openclaw nanobot picoclaw zeroclaw nanoclaw", "launch claw ecosystem", "stop all claws", "stop gateways", "claw status", "check gateway status", or "open claws". Manages all five Claw ecosystem gateways (OpenClaw, ZeroClaw, NanoBot, PicoClaw, NanoClaw) as a unified fleet.

2026-03-200

batch-processor

mk-knight23/AI-Agent-OpenClaw

High-throughput parallel processing of large datasets using Node.js streams and Claude AI. Accepts CSV, JSON, JSONL, or plain text. Processes in configurable chunk sizes with backpressure-aware Node.js Readable/Transform/Writable streams. Tracks progress, retries failures with exponential backoff, estimates cost before run. Adapted from ZeroClaw's Rayon-based batch processor for Node.js streaming architecture.

2026-03-100

iot-monitor

mk-knight23/AI-Agent-OpenClaw

Dashboard and API layer for monitoring IoT sensors and edge devices from OpenClaw's full-stack environment. Connects to MQTT brokers, HTTP sensor APIs, or PicoClaw agent heartbeats. Renders a live web dashboard, stores readings in Supabase, and sends alerts via any configured channel (Telegram, Slack, WhatsApp). Adapted from PicoClaw's Go iot-monitor for OpenClaw's Node.js full-stack runtime.

2026-03-100

add-gmail

mk-knight23/AI-Agent-OpenClaw

Adds Gmail monitoring to OpenClaw using the googleapis library. Creates OAuth2 credentials, polls INBOX for unread messages matching a trigger pattern, drafts AI replies, and sends after approval. Use when you want OpenClaw to monitor and respond to emails. Requires a Google Cloud project with Gmail API enabled and OAuth2 credentials.

2026-03-060

add-obsidian

mk-knight23/AI-Agent-OpenClaw

Mounts an Obsidian vault as a read-only knowledge source for OpenClaw. Registers a vault_search tool that performs full-text search across all .md files, returning file names and relevant excerpts. Use when you want OpenClaw to answer questions using your personal notes or team knowledge base. Requires the vault to be accessible as a local directory.

2026-03-060

add-slack

mk-knight23/AI-Agent-OpenClaw

Adds Slack integration to OpenClaw using the @slack/bolt framework. Creates a SlackChannel adapter with Socket Mode (no public URL required), handles app_mention events, routes messages through OpenClaw's skill dispatcher, and responds in-thread. Use when you want OpenClaw accessible from Slack workspaces. Requires a Slack app with Socket Mode enabled.

2026-03-060

Fuente

mk-knight23

mk-knight23/AI-Agent-OpenClaw

Abrir repositorio de GitHub Ver repositorios del creador

Comando de instalación

Descarga

Ejecutar en Manus

Útil paraSOC

Analistas de seguridad de la informaciónOcupaciones informáticas y matemáticas15-1212L4

name	security-scanner
description	Full-stack security audit for OpenClaw's Node.js ecosystem: npm audit for CVEs, Snyk for supply chain, ESLint security plugin for code patterns, OWASP dependency check, and AI review of the 60-repo portfolio for systemic vulnerabilities. Generates SECURITY_REPORT.md. Adapted from ZeroClaw's comprehensive security-scanner, tuned for Node.js/TypeScript and multi-repo portfolios.

security-scanner

Ecosystem-wide security audit — CVEs, supply chain, code patterns, portfolio scanning.

Usage

@OpenClaw security-scanner --full
@OpenClaw security-scanner --portfolio        # Scan all 60 repos for CVEs
@OpenClaw security-scanner --repo ./target    # Audit a single repository
@OpenClaw security-scanner --fail-on critical # CI gate: fail only on CRITICAL

What It Checks

1. Known CVEs — `npm audit` + OWASP

Direct + transitive dependency scan against npm advisory DB
OWASP Dependency-Check for non-npm deps (Python scripts, CLI tools)
Each finding: CVE ID, CVSS score, affected package, fix

2. Supply Chain — Snyk

License policy enforcement (GPL-3.0, AGPL blocklist)
Typosquatting detection (flags expressjs vs express)
Malicious package patterns (dependency confusion)

3. Code Security — ESLint + Semgrep

Injection: SQL, shell, path traversal
Hardcoded secrets (API keys, tokens, passwords)
Dangerous functions: eval, exec, deserialize
Authentication bypass patterns

4. Portfolio Scan (OpenClaw-Specific)

Scans all repositories in the 60-repo matrix
Identifies shared vulnerable dependencies across repos
Prioritizes: which repos are in production vs. experimental
Generates unified report with cross-repo impact analysis

Files Created

SECURITY_REPORT.md          # Full report with severity + remediation
security_audit.json         # Machine-readable for CI artifacts
portfolio_security.md       # Cross-repo vulnerability map

CI Gate Integration

# .github/workflows/security-gate.yml
- name: OpenClaw Security Scan
  run: openclaw security-scanner --full --fail-on critical

Philosophy

With 60 repositories to manage, a single vulnerable shared dependency can cascade. Portfolio-level scanning catches these systemic risks before they become incidents.

security-scanner

security-scanner

Usage

What It Checks

1. Known CVEs — npm audit + OWASP

2. Supply Chain — Snyk

3. Code Security — ESLint + Semgrep

4. Portfolio Scan (OpenClaw-Specific)

Files Created

CI Gate Integration

Philosophy

Más de este repositorio

Más de este repositorio

security-scanner

Usage

What It Checks

1. Known CVEs — npm audit + OWASP

2. Supply Chain — Snyk

3. Code Security — ESLint + Semgrep

4. Portfolio Scan (OpenClaw-Specific)

Files Created

CI Gate Integration

Philosophy

1. Known CVEs — `npm audit` + OWASP

1. Known CVEs — `npm audit` + OWASP