ClawHub
Skill flagged — review recommended

ClawHub Security found sensitive or high-impact capabilities. Review the scan results before using.

Expanso cve-scan

Scan software bill of materials (SBOM) for known CVE vulnerabilities using Expanso Edge pipelines.

Audits

Suspicious
ClawScanSuspicious

Agentic behavior and permission review.

Static analysisPass

Pattern checks against bundled files.

VirusTotalPass

Multi-engine malware detections and file reputation.

Install

openclaw skills install expanso-cve-scan

cve-scan

Scan SBOM for known CVE vulnerabilities

Requirements

  • Expanso Edge installed (expanso-edge binary in PATH)
  • Install via: clawhub install expanso-edge

Usage

CLI Pipeline

# Run standalone
echo '<input>' | expanso-edge run pipeline-cli.yaml

MCP Pipeline

# Start as MCP server
expanso-edge run pipeline-mcp.yaml

Deploy to Expanso Cloud

expanso-cli job deploy https://skills.expanso.io/cve-scan/pipeline-cli.yaml

Files

FilePurpose
skill.yamlSkill metadata (inputs, outputs, credentials)
pipeline-cli.yamlStandalone CLI pipeline
pipeline-mcp.yamlMCP server pipeline