security-sentinel
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
Best use case
security-sentinel is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
Teams using security-sentinel should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/security-sentinel/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How security-sentinel Compares
| Feature / Agent | security-sentinel | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Security Sentinel A security scanning tool for the OpenClaw workspace. ## Usage ```bash node skills/security-sentinel/scan.js ``` ## Features - Scans for exposed API keys in text files. - Checks file permissions (basic). - Reports findings to stdout.
Related Skills
security-operator
Runtime security guardrails for OpenClaw agents.
security-checker
Security scanner for Python skills before publishing to ClawHub.
agent-sentinel
The operational circuit breaker for this agent. Enforces budget limits locally. **Sign up at agentsentinel.dev for real-time dashboards and human approval workflows.**
security-auditor
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
tech-security-audit
This skill integrates Nmap scanning functionality to perform local network vulnerability assessments.
go-security-vulnerability
Identify, assess, and fix security vulnerabilities in Go modules using govulncheck. Handle common vulnerabilities like JWT issues and ensure application stability during fixes.
Security Joes AI Analyst
SecOps checks for endpoints: EDR, Sysmon, updates, EVTX on heartbeat, least privilege, network visibility, credential protection (Kerberos/NTLM/pass-the-hash), device inventory and known vulnerabilities, weekly assessment, and skill integrity (hash-on-wake, version-aware). Use when implementing or reviewing host posture, heartbeat logic, EDR/Sysmon/EVTX, privilege, network exposure, credential hardening, vuln assessment, weekly SecOps review, or skill compromise checks.
Heimdall - Security Scanner for AI Agent Skills
Scan OpenClaw skills for malicious patterns before installation. Context-aware scanning with AI-powered narrative analysis.
test-sentinel
Writes and runs tests (unit, integration, E2E), performs linting, and auto-fixes failures.
security-suite
Advanced security validation: pattern detection, command sanitization.
security
Advanced security validation for Clawdbot - pattern detection, command sanitization, and threat monitoring
security-audit
Audit codebases and infrastructure for security issues. Use when scanning dependencies for vulnerabilities, detecting hardcoded secrets, checking OWASP top 10 issues, verifying SSL/TLS, auditing file permissions, or reviewing code for injection and auth flaws.