Toolverse
All skills
Security

agent-skills-tools

by openclaw

Security audit and validation tools for the Agent Skills ecosystem. Scan skill packages for common vulnerabilities like credential leaks, unauthorized file access, and Git history secrets. Use when you need to audit skills for security before installation, validate skill

Installation

Pick a client and clone the repository into its skills directory.

Installation

Quick info

Author
openclaw
Category
Security
Views
1
GitHub repo

About this skill

Security audit and validation tools for the Agent Skills ecosystem. Scan skill packages for common vulnerabilities like credential leaks, unauthorized file access, and Git history secrets. Use when you need to audit skills for security before installation, validate skill packages against Agent Skills standards, or ensure your skills follow best practices.

How to use

  1. Pobierz skrypt audytu bezpieczeństwa (skill-security-audit.sh) z repozytorium umiejętności agenta.

  2. Nadaj skryptowi uprawnienia do wykonania, jeśli jest to wymagane na Twojej platformie.

  3. Uruchom audyt, wskazując ścieżkę do pakietu umiejętności, którą chcesz sprawdzić. Skrypt przeskanuje pakiet i wygeneruje raport.

  4. Przejrzyj wyniki audytu, które obejmują kontrole takie jak: wyciek poświadczeń (klucze API, hasła, tokeny), dostęp do wrażliwych katalogów (~/.ssh, ~/.aws, ~/.config), zewnętrzne żądania sieciowe, użycie zmiennych środowiskowych oraz uprawnienia plików.

  5. Jeśli audyt wykryje problemy, napraw je w kodzie umiejętności — nigdy nie koduj poświadczeń na stałe, zamiast tego używaj zmiennych środowiskowych lub plików konfiguracyjnych.

  6. Po naprawie podatności uruchom audyt ponownie, aby potwierdzić, że umiejętność spełnia standardy bezpieczeństwa i jest gotowa do instalacji.

Related skills

python-expert

by Shubhamsaboo

Senior Python developer expertise for writing clean, efficient, and well-documented code.\nUse when: writing Python code, optimizing Python scripts, reviewing Python code for best practices,\ndebugging Python issues, implementing type hints, or when user mentions Python, PEP 8,

Security
2777

solidity-security

by wshobson

Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementing security measures for blockchain applications.

Security
10105

reviewing-code

by CaptainCrouton89

Systematically evaluate code changes for security, correctness, performance, and spec alignment. Use when reviewing PRs, assessing code quality, or verifying implementation against requirements.

Security
1493

llama-cpp

by zechenzhangAGI

Runs LLM inference on CPU, Apple Silicon, and consumer GPUs without NVIDIA hardware. Use for edge deployment, M1/M2/M3 Macs, AMD/Intel GPUs, or when CUDA is unavailable. Supports GGUF quantization (1.5-8 bit) for reduced memory and 4-10× speedup vs PyTorch on CPU.

Security
11252

academic-researcher

by Shubhamsaboo

Academic research assistant for literature reviews, paper analysis, and scholarly writing.\nUse when: reviewing academic papers, conducting literature reviews, writing research summaries,\nanalyzing methodologies, formatting citations, or when user mentions academic research,

Security
1260

gmail-manager

by jeffvincent

Manage Gmail - send, read, search emails, manage labels and drafts. Use when user wants to interact with their Gmail account for email operations.

Security
17128