Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Fail-closed security auditing for OpenClaw/ClawHub skills & repos (trufflehog + semgrep + prompt-injection/persistence/supply-chain checks)

License

Notifications You must be signed in to change notification settings

virtaava/security-audit

Folders and files

NameName
Last commit message
Last commit date

Latest commit

History

4 Commits

Repository files navigation

security-audit (OpenClaw skill)

This repository is a text-based OpenClaw/ClawHub skill bundle.

  • Entry point: SKILL.md
  • Purpose: hostile, fail-closed auditing of repos/skills before enabling

Quick start

./scripts/run_audit_json.sh <path> > /tmp/audit.json
jq '.ok, .tools' /tmp/audit.json

Security levels

OPENCLAW_AUDIT_LEVEL=standard ./scripts/run_audit_json.sh <path>
OPENCLAW_AUDIT_LEVEL=strict ./scripts/run_audit_json.sh <path>
OPENCLAW_AUDIT_LEVEL=paranoid ./scripts/run_audit_json.sh <path>

License

MIT (see LICENSE).

About

Fail-closed security auditing for OpenClaw/ClawHub skills & repos (trufflehog + semgrep + prompt-injection/persistence/supply-chain checks)

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

AltStyle によって変換されたページ (->オリジナル) /