security-guardian

Automated security auditing for OpenClaw projects. Scans for hardcoded secrets (API keys, tokens) and container vulnerabilities (CVEs) using Trivy. Provides structured reports to help maintain a clean and secure codebase.

Safety Notice

This item is sourced from the public archived skills repository. Treat as untrusted until reviewed.

Copy this and send it to your AI assistant to learn

Install skill "security-guardian" with this command: npx skills add 1999azzar/security-guardian

Security Guardian

System for automated security auditing and credential protection.

Core Workflows

1. Secret Scanning

Scan specific project directories for hardcoded credentials.

  • Tool: scripts/scan_secrets.py
  • Usage: python3 $WORKSPACE/skills/security-guardian/scripts/scan_secrets.py <path_to_project>
  • Workflow:
    1. Execute scan on a specific project or directory.
    2. If findings are reported (exit code 1):
      • Review the file and line number.
      • Transition: Move the secret to a secure vault (e.g., using the mema-vault skill).
      • Redact: Replace the plaintext secret in the source code with an environment variable or a vault lookup call.

2. Container Vulnerability Scan

Analyze Docker images for vulnerabilities prior to deployment.

  • Tool: scripts/scan_container.sh
  • Usage: bash $WORKSPACE/skills/security-guardian/scripts/scan_container.sh <image_name>
  • Logic: Identify HIGH and CRITICAL severities. Recommend base image updates or security patches.

Security Guardrails

  • Scope Limitation: Avoid scanning system-level directories. Focus only on relevant project workspaces.
  • Credential Isolation: Hardcoded secrets are considered a high-severity finding.
  • Dependencies: Container scanning requires trivy to be installed on the host system.

Integration

  • Vaulting: This skill identifies leaks. Remediation should be performed using a dedicated credential manager like mema-vault.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

n8n-workflow-automation

Designs and outputs n8n workflow JSON with robust triggers, idempotency, error handling, logging, retries, and human-in-the-loop review queues. Use when you need an auditable automation that won’t silently fail.

Archived SourceRecently Updated
--12357851
Security

seo-assistant

A client-facing SEO assistant grounded in Google's official SEO Starter Guide. Use this skill whenever a user mentions SEO, search rankings, Google visibility, meta descriptions, title tags, page titles, alt text, sitemaps, duplicate content, URL structure, or asks how to improve their website's presence in search results. Also trigger when a user shares a URL or webpage content and wants feedback, or asks for help writing any web content that needs to perform well in search. This skill covers auditing, content writing, and answering SEO questions — use it proactively even if the user only hints at wanting more website traffic or better Google rankings.

Archived SourceRecently Updated
--1gco
Security

BlogBurst - Virtual CMO Agent

Your AI Chief Marketing Officer. Autonomous agent that runs your entire marketing — auto-posts to Twitter/X, Bluesky, Telegram, Discord, auto-engages with your audience (replies, likes, follows), runs SEO/GEO audits, tracks competitors, scans communities for opportunities, learns what works, and continuously optimizes. 50+ countries, 1000+ posts published. Free tier available.

Archived SourceRecently Updated
--0xspeter
Security

social-vault

社交平台账号凭证管理器。提供登录态获取、AES-256-GCM 加密存储、定时健康监测和自动续期。Use when managing social media account credentials, importing cookies, checking login status, or automating session refresh. Also covers platform adapter creation and browser fingerprint management.

Archived SourceRecently Updated
--2019-02-18