security-auditor

Pass

Audited by ClawScan on May 10, 2026.

Overview

This is an instruction-only security-auditing skill with disclosed, purpose-aligned guidance and no code, credentials, install steps, or hidden capabilities.

This skill appears safe as an instruction-only security-auditing prompt. Before using it, make sure any security testing is authorized and scoped, especially if you connect it to tools like Nmap, Metasploit, SQLMap, or web scanners.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If paired with external tools, the agent could suggest or help run security tests that may be disruptive or inappropriate unless the target is owned or explicitly authorized.

Why it was flagged

The skill names tools commonly used for scanning and exploitation testing. This is coherent with a security-auditor role, but these tools can affect systems if used outside an authorized scope.

Skill content

## Tools & Techniques
- Burp Suite, OWASP ZAP
- Nmap, Metasploit
- SQLMap, XSSer

Recommendation

Use this skill only for systems you own or have permission to test, and define scope and safe testing limits before acting on any scan or exploitation guidance.