Neckr0ik Security Suite
Pending
Static analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may rely on this output as proof of SOC 2, HIPAA, PCI-DSS, or GDPR compliance when it may only reflect this tool's limited checks.
The skill presents locally generated scan output as a compliance certificate for regulated frameworks. That wording can make users believe they have formal compliance certification when the artifacts only show a static scan/control-mapping workflow.
Generate certification reports for:
- SOC 2 Type II
- HIPAA
- PCI-DSS
- GDPR
...
║ STATUS: ✅ COMPLIANT
...
Certificate ID: SOC2-2026-03-06-A7B3C9D2
Treat the reports as informal security scan results, not official compliance certification; use qualified compliance review for regulated obligations.
Automatic fixes could change or break a skill, especially if run without backups or review.
The fixer is purpose-aligned, but it can automatically modify files in the target skill and offers a no-backup mode.
neckr0ik-security-suite fix /path/to/skill --auto
...
--auto Apply all fixes without prompting
--no-backup Do not create backup files
Run with --dry-run first, keep backups enabled, and review diffs before accepting changes.
The installed behavior may vary based on which dependency versions are resolved, including the code that performs scanning and fixes.
The suite depends on separate scanner and fixer packages that are not version-pinned in the provided artifact set, so core behavior depends on external code not fully reviewed here.
"dependencies": [ "neckr0ik-security-scanner", "neckr0ik-security-fixer" ]
Verify the source and versions of the dependent scanner and fixer packages before using the suite, especially before running automatic fixes.
