Security Audit Scanner / 安全审计扫描器

Run custom checks for exposed secrets, outdated packages, and misconfigurations in code/Docker/CI. / 对代码、Docker 和 CI 中的暴露密钥、过时包和错误配置执行自定义检查。

Install

openclaw skills install @kingaiwork/security-audit-scanner

🔒 Security Audit Scanner / 安全审计扫描器

Run custom checks for exposed secrets, outdated packages, and misconfigurations in code/Docker/CI. / 对代码、Docker 和 CI 中的暴露密钥、过时包和错误配置执行自定义检查。

🦁 由 KingAI.Work 出品 — 智能进化|vip@kingai.work


Quick Start / 快速开始

bash
bash security-audit-scanner --repo ./myapp --severity high --ci-ignore Dockerfile Scan the "myapp" repo for high-severity issues only, skipping Dockerfile checks in CI contexts. / 仅扫描“myapp”仓库中的高危问题,并跳过 CI 环境中的 Dockerfile 检查。 

Features / 功能

• Run instant scans for exposed API keys, tokens, and certificates across codebases / 在代码库中一键扫描暴露的 API 密钥、令牌和证书,防止数据泄露 • Detect outdated dependencies and known CVEs in npm, pip, and Docker images / 识别 npm、pip 及 Docker 镜像中的过时依赖和已知漏洞,实时守护供应链安全 • Spot misconfigured CI/CD pipelines and Dockerfiles that increase attack surface / 精准定位 CI/CD 流水线和 Dockerfile 的配置缺陷,从源头缩小攻击面 • Generate clear, actionable remediation reports with severity scoring / 生成清晰可操作且附带严重性评分的修复报告,让安全修复有据可依 • Automate scans on every commit or schedule, with seamless Git integration / 在每次提交或定时任务中自动扫描,与 Git 无缝集成,省心省力(Pro 版支持自定义策略) • Perform deep secret-pattern analysis and regex-based rule customization / 执行深度密钥模式分析与正则规则定制,满足企业级合规需求(Pro 专享高级检测引擎)

Common Use Cases / 常见场景

• A junior dev accidentally commits a production AWS key to GitHub—scanner catches it before the push reaches the remote / 新手开发者误将生产环境 AWS 密钥提交到 GitHub,扫描器在推送前就将其捕获,避免灾难性泄露 • A team updates their Node.js microservice but forgets to upgrade an Express dependency with a known RCE vulnerability—scanner flags it during CI build / 团队更新 Node.js 微服务时忘记升级存在远程代码执行漏洞的 Express 依赖,扫描器在 CI 构建中发出警报 • A DevOps engineer deploys a Docker image with an exposed root user and open SSH port—scanner recommends minimal privilege configurations / DevOps 工程师部署的 Docker 镜像暴露了 root 用户和开放 SSH 端口,扫描器主动建议最小权限配置方案

Compare / 对比

FreePro
Basic
Advanced
AI
SupportCommunityPriority

• Unlock advanced secret heuristics that catch obfuscated credentials in logs and binary files / 解锁高级密钥启发式检测,捕获日志与二进制文件中的混淆凭证,让隐蔽威胁无所遁形 • Access custom rule engines for proprietary compliance frameworks like SOC 2 or PCI-DSS / 获得自定义规则引擎支持,为 SOC 2 或 PCI-DSS 等专属合规框架保驾护航 • Enable time-based audit trails and cross-repo correlation for enterprise security dashboards / 启用基于时间的审计日志与跨仓库关联分析,为企业安全看板提供完整数据链条\n\n

Part of the KING AI Ecosystem — kingai.work