Audit GitHub repositories for security vulnerabilities, malicious code patterns, and suspicious behavior. Clone repos, analyze code for backdoors, data exfiltration, obfuscation, dependency risks, and license compliance. Generate a security report and optionally scaffold a clean reimplementation if the repo passes safety checks. Use when: user wants to "review a GitHub repo for security", "check if code is safe", "audit repository for malicious code", "analyze repo before using", "scan dependencies", "recreate this repo safely", or any request involving security analysis of third-party code. Do NOT use for: repos you own and trust, general code review without security focus, or when user only wants a feature summary without security checks.

Install

openclaw skills install @erickgrau/repo-security-auditor