security-auditor
PassAudited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill Name: ah-security-auditor Version: 1.0.0 The skill bundle defines a standard persona for a security auditor and contains no executable code or malicious instructions. The SKILL.md file provides a comprehensive framework for identifying vulnerabilities and ensuring compliance, while the _meta.json contains standard metadata, with no indicators of data exfiltration, unauthorized execution, or prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If paired with external tools, the agent could suggest or help run security tests that may be disruptive or inappropriate unless the target is owned or explicitly authorized.
The skill names tools commonly used for scanning and exploitation testing. This is coherent with a security-auditor role, but these tools can affect systems if used outside an authorized scope.
## Tools & Techniques - Burp Suite, OWASP ZAP - Nmap, Metasploit - SQLMap, XSSer
Use this skill only for systems you own or have permission to test, and define scope and safe testing limits before acting on any scan or exploitation guidance.