Skip to content
/ security-audit Public

Fail-closed security auditing for OpenClaw/ClawHub skills & repos (trufflehog + semgrep + prompt-injection/persistence/supply-chain checks)

clawdhub.com

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

virtaava/security-audit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
docs
docs
 
 
scripts
scripts
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SKILL.md
SKILL.md
 
 
openclaw-skill.json
openclaw-skill.json
 
 

Repository files navigation

security-audit (OpenClaw skill)

This repository is a text-based OpenClaw/ClawHub skill bundle.

  • Entry point: SKILL.md
  • Purpose: hostile, fail-closed auditing of repos/skills before enabling

Quick start

./scripts/run_audit_json.sh <path> > /tmp/audit.json
jq '.ok, .tools' /tmp/audit.json

Security levels

OPENCLAW_AUDIT_LEVEL=standard ./scripts/run_audit_json.sh <path>
OPENCLAW_AUDIT_LEVEL=strict   ./scripts/run_audit_json.sh <path>
OPENCLAW_AUDIT_LEVEL=paranoid ./scripts/run_audit_json.sh <path>

License

MIT (see LICENSE).

About

Fail-closed security auditing for OpenClaw/ClawHub skills & repos (trufflehog + semgrep + prompt-injection/persistence/supply-chain checks)

clawdhub.com

Topics

security supply-chain audit devsecops trufflehog semgrep ai-agent prompt-injection openclaw clawhub

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages