Security Essentials

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is an instruction-only marketing-style stub, but it describes broad system hardening, secret scanning, process killing, recurring cron audits, and external reporting without clear safeguards or reviewed implementation.

Review carefully before using. Treat this as an unimplemented or externally linked security toolkit, not a verified hardening tool. Only run read-only checks first, require explicit approval before system changes or process termination, and do not allow secret scans or report delivery until paths, redaction, storage, and destination channels are clearly defined.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If an agent follows these instructions too broadly, it could change critical host settings or disrupt services.

Why it was flagged

SSH, firewall, update, permission, and process changes can affect system availability or lock users out. The artifact does not define safe defaults, approval gates, or rollback steps for these high-impact actions.

Skill content

Host hardening audit — SSH config, firewall status, open ports, system updates, file permissions, running processes. Prioritized findings ... with exact fix commands.

Recommendation

Use read-only audit mode first, review every command manually, keep backups, and require explicit user approval before any SSH, firewall, permission, update, or process change.

What this means

Secrets, token names, or rotation metadata could be exposed to the agent context or stored/reused in ways the user did not expect.

Why it was flagged

The skill describes reading and tracking sensitive credential-related information, but the artifact does not bound scan paths, storage, retention, redaction, or how rotation metadata is protected.

Skill content

Secret hygiene system — scans for exposed secrets, tracks rotation dates, alerts on expiring tokens, checks .gitignore coverage

Recommendation

Define exact scan locations, exclude private or irrelevant paths, redact secret values, and clarify where any rotation records are stored and when they are deleted.

What this means

Sensitive security findings could be sent outside the local machine or to the wrong channel.

Why it was flagged

Security-audit findings may include host, port, process, or secret-related details. The destination channel, authentication, redaction, and approval model are not specified.

Skill content

Automated security cron — daily recurring audit with findings sent to your preferred channel

Recommendation

Require explicit user selection of the destination, redact sensitive values, preview reports before sending, and document how channel credentials and audit data are handled.

What this means

Important applications or services could be terminated unexpectedly, and background monitoring may persist longer than intended.

Why it was flagged

Auto-killing processes and recurring monitoring are autonomous behaviors that can continue beyond a single user request, but the artifact does not define limits, allowlists, opt-in controls, or shutdown procedures.

Skill content

Process & RAM monitoring — identifies memory hogs, auto-kills resource drains, anomaly detection, zombie process cleanup

Recommendation

Make monitoring opt-in, require confirmation before killing processes, maintain allowlists, log all actions, and provide a clear disable/uninstall procedure.

What this means

Users may overtrust the installed skill or assume protections exist when the reviewed artifact does not contain the actual kit.

Why it was flagged

The reviewed package is instruction-only with no implementation files, while the document presents a complete hardening kit and links to an external paid product that was not reviewed in these artifacts.

Skill content

Get Security Essentials ... $9 — Complete security hardening kit with all audits, playbooks, and monitoring.

Recommendation

Do not rely on this artifact as a complete security tool; review the actual implementation, install source, and commands before granting any system access.