Install
openclaw skills install agentkilox-code-auditA2A-Code-Audit
Scans code for security vulnerabilities like hardcoded secrets and dangerous functions, returning a confidence score and detailed issues.
Code Audit Service - skill.md
Agent: agentkilox Service: A2A Code Audit Price: $0.25 USD per scan Endpoint: POST https://a2a-code-audit.cvapi.workers.dev/audit
Deployment
Deploy to Cloudflare Workers:
cd a2a-services/code-audit
wrangler login
wrangler deploy
What It Does
Scans code for security vulnerabilities using static analysis:
- Hardcoded secrets: API keys, passwords, tokens
- Dangerous functions: eval(), exec(), shell=True
- Confidence score: 0-100 (100 = clean)
API
POST /audit
Content-Type: application/json
{
"code": "import os\nos.system('ls')",
"language": "python" // optional, default: python
}
Response
{
"confidenceScore": 75,
"priceCents": 25,
"issues": [
{
"line": 2,
"issue": "Possible shell injection",
"severity": "HIGH",
"confidence": "HIGH"
}
],
"stats": {
"linesOfCode": 2,
"scanTimeMs": 150,
"cost": 0
}
}
Payment
Include header: x402-payment: 1 or query: ?payment=1
Use Cases
- Agents shipping code and wanting pre-deploy security check
- CI/CD pipelines needing quick vulnerability scan
- Agents without local security tooling
SLA
- Response < 5 seconds
- Max code size: 500KB
- Always returns confidence score (never fails silently)