ClawHub

Sentinel Vanguard AI Skill Security Auditor

v2.0.1

AI Agent skill security auditor. Use this skill whenever the user wants to audit, review, vet, or assess the safety and security of any AI skill, Claude skil...

0· 84·0 current·0 all-time
by@dttnpole-commits
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill is an auditor and is instruction-only; it requests no binaries, env vars, or installs and its internal rule lists and scoring align with a static/text-based audit use case.
Instruction Scope
SKILL.md explicitly constrains the agent to read-only text analysis of user-pasted content, forbids network calls, code execution, and secret access; the three-layer scans operate only on provided text and reference only pattern/heuristic checks.
Install Mechanism
There is no install spec and no code files; the skill is purely instruction-driven so there is no code to be written to disk or downloaded at install-time.
Credentials
The skill declares no required environment variables, no primary credential, and the instructions explicitly forbid reading secrets or environment state; requested privileges are minimal and appropriate.
Persistence & Privilege
always is false, it does not request permanent presence or modification of other skills, and there are no instructions to change agent/system configuration.
Assessment
This skill is low-risk because it is instruction-only and explicitly forbids network access, code execution, and credential access. Before using it: (1) avoid pasting any sensitive secrets or private keys into the audit input (the skill analyzes whatever you paste); (2) remember the auditor relies on pattern matching and heuristics — its blocklist and rules may be out of date or produce false negatives/positives; and (3) because it runs as an instruction set inside your agent, ensure you trust the agent runtime (the skill itself will not fetch remote content or install software).

Like a lobster shell, security has layers — review code before you run it.

ai-security security code-analysis risk-analysis developer-tools cybersecurity data-privacy ai-tools github automationvk97126cw92t6agf1xxpqzyq0a983ffwflatestvk97126cw92t6agf1xxpqzyq0a983ffwf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments