Agentic Security Audit

The OpenClaw AgentSkills skill bundle 'agentic-security-audit' is designed to perform comprehensive security audits on codebases, infrastructure, and agentic AI systems. It utilizes standard security tools and shell commands (e.g., `npm audit`, `pip-audit`, `grep`, `find`, `openssl`, `curl`, `git log`) to detect vulnerabilities, hardcoded secrets, misconfigurations, and agent-specific threats like prompt injection and memory poisoning. All commands and scripts are focused on reporting potential issues, not on exploiting them or exfiltrating data. The `SKILL.md` itself does not contain any prompt injection attempts against the agent, nor does it exhibit any malicious behaviors such as data exfiltration, unauthorized remote control, or persistence mechanisms. Its actions are entirely aligned with its stated purpose of security auditing.