{"skill":{"slug":"openclaw-policy-check","displayName":"OpenClaw Policy Check","summary":"Scan repositories for risky security patterns before execution. Use when users ask for a quick preflight security check, policy enforcement scan, suspicious code triage, or detection of unsafe commands, secret leakage, and dangerous shell behavior.","description":"---\nname: openclaw-policy-check\ndescription: \"Scan repositories for risky security patterns before execution. Use when users ask for a quick preflight security check, policy enforcement scan, suspicious code triage, or detection of unsafe commands, secret leakage, and dangerous shell behavior.\"\n---\n\n# OpenClaw Policy Check\n\nRun a lightweight policy scan to catch common high-risk patterns in code and scripts.\n\n## Inputs\n\n- `target_path` (required): file or directory to scan.\n- `fail_on` (optional): severity threshold for non-zero exit. One of `critical`, `high`, `medium`, `low`.\n- `json_output` (optional): print raw JSON output.\n\n## Workflow\n\n1. Run `scripts/policy_check.py` on the target path.\n2. Review severity counts and top findings.\n3. If findings exist, prioritize `critical` and `high` items first.\n4. Suggest concrete fixes for each flagged pattern.\n\n## Commands\n\n```bash\npython3 scripts/policy_check.py \"<target_path>\"\npython3 scripts/policy_check.py \"<target_path>\" --json\npython3 scripts/policy_check.py \"<target_path>\" --fail-on high\n```\n\n## Response Contract\n\n- Always include total findings and severity breakdown.\n- Include top findings with `file:line`, rule id, and reason.\n- If no findings exist, explicitly state that no policy violations were detected.\n- Keep remediation guidance concrete and brief.\n","tags":{"latest":"1.0.0"},"stats":{"comments":0,"downloads":1303,"installsAllTime":5,"installsCurrent":5,"stars":0,"versions":1},"createdAt":1771016106016,"updatedAt":1778489515140},"latestVersion":{"version":"1.0.0","createdAt":1771016106016,"changelog":"Initial release of openclaw-policy-check.\n\n- Scans repositories for risky security patterns prior to execution.\n- Detects unsafe commands, secret leakage, and dangerous shell behavior.\n- Supports severity thresholds and JSON output for flexible integration.\n- Provides clear summaries with findings, severity breakdown, and actionable remediation guidance.","license":null},"metadata":null,"owner":{"handle":"spbavarva","userId":"s172cx97rzv0nr139hdtdty6hs884073","displayName":"spbavarva","image":"https://avatars.githubusercontent.com/u/84507631?v=4"},"moderation":null}