security-scanner
Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure.
Best use case
security-scanner is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure.
Teams using security-scanner should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/security-scanner/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How security-scanner Compares
| Feature / Agent | security-scanner | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# security-scanner Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure. ## Install ``` npx clawhub@latest install security-scanner ```
Related Skills
security-operator
Runtime security guardrails for OpenClaw agents.
security-checker
Security scanner for Python skills before publishing to ClawHub.
security-auditor
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
tech-security-audit
This skill integrates Nmap scanning functionality to perform local network vulnerability assessments.
go-security-vulnerability
Identify, assess, and fix security vulnerabilities in Go modules using govulncheck. Handle common vulnerabilities like JWT issues and ensure application stability during fixes.
Security Joes AI Analyst
SecOps checks for endpoints: EDR, Sysmon, updates, EVTX on heartbeat, least privilege, network visibility, credential protection (Kerberos/NTLM/pass-the-hash), device inventory and known vulnerabilities, weekly assessment, and skill integrity (hash-on-wake, version-aware). Use when implementing or reviewing host posture, heartbeat logic, EDR/Sysmon/EVTX, privilege, network exposure, credential hardening, vuln assessment, weekly SecOps review, or skill compromise checks.
skill-scanner
Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, scan for credential exfiltration, detect prompt injection, or review skill security. Triggers on security audit, skill safety check, malware scan, or trust verification.
Heimdall - Security Scanner for AI Agent Skills
Scan OpenClaw skills for malicious patterns before installation. Context-aware scanning with AI-powered narrative analysis.
security-suite
Advanced security validation: pattern detection, command sanitization.
security
Advanced security validation for Clawdbot - pattern detection, command sanitization, and threat monitoring
ultimate-fork-and-skill-scanner
Scan GitHub forks and ClawHub skills for valuable changes, innovations, and enhancements.
fork-and-skill-scanner-ultimate
Scan 1,000 GitHub forks per run.