AI Security Audit Pro Plugin
Universal security-audit plugin and CLI engine for AI agents with OWASP-mapped reports.
Install
openclaw plugins install clawhub:ai-security-audit-pro
AI Security Audit Pro Plugin
A security-audit plugin that AI agents can actually run.
AI Security Audit Pro Plugin is a defensive security-audit plugin and CLI engine for AI coding agents. It gives Codex, Claude Code, Gemini CLI, Google Antigravity, OpenCode, Hermes, OpenClaw, and other shell-capable AI tools a serious workflow for auditing codebases, websites, and APIs.
It is built for people who want their agent to do more than produce generic advice. A good run should inspect the target, use the right tools, capture evidence, separate real findings from scanner noise, and produce a report someone can actually review.
The Idea
AI agents are useful at security work, but only when they have a disciplined process.
Without structure, they tend to:
- repeat the same low-value header findings,
- overstate scanner output,
- miss scope and authorization details,
- mix real findings with guesses,
- and produce reports that are hard to trust.
This plugin gives the agent a safer, repeatable path:
- Understand the target.
- Run local or URL-based audit checks.
- Use optional scanners when they are installed and authorized.
- Write down what was reviewed and what was skipped.
- Mark findings as Confirmed, Likely, or Needs validation.
- Generate Markdown, HTML, PDF, or JSON output.
That is the point of this repo: not just "run a scanner," but help an AI agent behave more like a careful security reviewer.
Plugin First, CLI Powered
Every AI tool has a different plugin system. Codex, Claude Code, Gemini CLI, Antigravity, OpenCode, Hermes, and OpenClaw do not all load the same package format.
So AI Security Audit Pro ships as both:
| Part | What it does |
|---|---|
| Plugin files | Give agents the instructions, skills, and adapter docs they need. |
| CLI engine | Gives every shell-capable agent one stable way to run the audit. |
The CLI is the runtime interface of the plugin:
node scripts/security-audit.mjs --target . --out security-audit-report.md --html-out security-audit-report.html
An agent can run that command, read the report, validate the evidence, summarize the risk, and tell you what still needs manual testing.
Download And Install
The package is published on npm:
- npm package: ai-security-audit-pro
- GitHub source: xsourabhsharma/ai-security-audit-pro
- Current source version: 0.8.3
The npm badge shows the latest version already published to npm; until maintainers publish 0.8.3, the registry may lag the source version.
Install it globally when you want the CLI available to Codex, Claude Code, Gemini CLI, OpenCode, Hermes, OpenClaw, or any other shell-capable agent:
npm install -g ai-security-audit-pro
security-audit-pro --target . --out security-audit-report.md --html-out security-audit-report.html
The package is also published on ClawHub as a community bundle plugin for OpenClaw. New ClawHub releases may show scan: pending for a short time while automated checks and indexing finish. OpenClaw users can install from ClawHub with:
openclaw plugins install clawhub:ai-security-audit-pro
Inspect the ClawHub package metadata with:
clawhub package inspect ai-security-audit-pro
Supported Agents
| Agent or tool | Included support |
|---|---|
| Codex | .codex-plugin/plugin.json, skills/security-audit/SKILL.md, AGENTS.md |
| Claude Code | .claude-plugin/plugin.json, skills/security-audit/SKILL.md, CLAUDE.md |
| Gemini CLI | GEMINI.md and the CLI workflow |
| Google Antigravity | GEMINI.md or agent-adapters/antigravity.md |
| OpenCode | AGENTS.md or agent-adapters/opencode.md |
| Hermes | agent-adapters/hermes.md and the CLI as a local command tool |
| OpenClaw | agent-adapters/openclaw.md and the CLI workflow |
| Any other AI agent | Use the universal prompt and CLI command |
Universal prompt:
Use AI Security Audit Pro Plugin from this repository. Run node scripts/security-audit.mjs against the exact target. Keep the audit defensive, authorized, and non-destructive. Redact secrets. Separate confirmed findings from likely or needs-validation findings. Produce Markdown plus HTML when requested, and explain skipped checks or residual risk.
What It Can Check
| Surface | Examples |
|---|---|
| Source code | Injection hotspots, unsafe execution, XSS sinks, SSRF hotspots, file access, deserialization, XML parser risks, auth/IDOR/BOLA review hotspots, mass-assignment, JWT/session mistakes, and CI/CD workflow trust-boundary risks. |
| Secrets | API keys, tokens, private keys, JWTs, cloud keys, and secret-like assignments with redacted evidence. |
| Dependencies | npm, pnpm, yarn, pip-audit, Bandit, OSV-Scanner, govulncheck, cargo-audit, composer audit when available. |
| Websites | Headers, TLS, cookies, CORS, HTTP methods, exposed files, debug endpoints, API docs, security.txt. |
| SPA bundle risks | Lazy-loaded JavaScript chunk discovery, production debug logging, endpoint-map exposure, token storage, secret-like public config, GraphQL introspection/schema signals, client-side password-transform signals, hardcoded identity placeholders, payment return URL drift, and auth identity-binding signals that need controlled validation. |
| APIs | OpenAPI, Swagger, GraphQL, Postman artifacts, route inventory, authorization hotspots. |
| Active scanning | Authorized httpx, SSLyze, katana, ffuf, Nuclei, and OWASP ZAP orchestration when installed. |
| Business logic | Role testing, object authorization, uploads, quotas, sharing, admin flows, and workflow-abuse planning through the scope template. |
| Reports | Markdown, HTML dashboard, PDF, and JSON. |
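The secrets row above promises evidence that is redacted before it reaches the report. The following is an added example of that idea, not the plugin's own scanner: the patterns, the redaction policy (first four and last four characters kept) and the rule that only a PEM header is marked Confirmed are this example's assumptions, and the sample input is constructed (the AWS value is the key used in AWS's own documentation examples, the JWT has a placeholder signature).

```javascript
// Added example, not the plugin's own code: find secret-like strings and keep
// only redacted evidence in the finding. Patterns, redaction policy and the
// status assignment are this example's assumptions.
const SECRET_PATTERNS = [
  { id: 'aws-access-key-id', cwe: 'CWE-798', re: /\b(?:AKIA|ASIA)[0-9A-Z]{16}\b/g },
  { id: 'jwt', cwe: 'CWE-798', re: /\beyJ[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\b/g },
  { id: 'private-key-block', cwe: 'CWE-321', re: /-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----/g },
  // Generic "name = value" assignments; the value is capture group 1.
  { id: 'secret-assignment', cwe: 'CWE-798', re: /(?:api[_-]?key|secret|token|password)\s*[:=]\s*['"]?([^'"\s]{12,})['"]?/gi },
];

// Show just enough of the value to locate it in the source; never the whole secret.
function redact(value) {
  if (value.length <= 8) return '*'.repeat(value.length);
  const hidden = Math.min(value.length - 8, 12);
  return value.slice(0, 4) + '*'.repeat(hidden) + value.slice(-4);
}

function scanForSecrets(text, file = '<input>') {
  const findings = [];
  const seen = new Set(); // dedupe the same value matched by two patterns on one line
  text.split(/\r?\n/).forEach((line, idx) => {
    for (const { id, cwe, re } of SECRET_PATTERNS) {
      re.lastIndex = 0;
      let m;
      while ((m = re.exec(line)) !== null) {
        const value = m[1] ?? m[0];
        const key = `${idx}:${value}`;
        if (seen.has(key)) continue;
        seen.add(key);
        const isKeyHeader = id === 'private-key-block';
        findings.push({
          id,
          cwe,
          file,
          line: idx + 1,
          // A PEM header is unambiguous; anything else needs a human to confirm it is live.
          status: isKeyHeader ? 'Confirmed' : 'Needs validation',
          evidence: isKeyHeader ? m[0] : line.replace(value, () => redact(value)).trim(),
        });
      }
    }
  });
  return findings;
}

// Constructed input for the demo: documented AWS example key, hand-built JWT
// with a placeholder signature, a plain assignment and a PEM header.
const SAMPLE = [
  'AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE',
  'const token = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyLTEifQ.c2lnbmF0dXJlLXBsYWNlaG9sZGVy";',
  'db_password: "correct-horse-battery-staple"',
  '-----BEGIN RSA PRIVATE KEY-----',
  'console.log("no secrets here");',
].join('\n');

for (const f of scanForSecrets(SAMPLE, 'config.js')) {
  console.log(`${f.file}:${f.line} [${f.status}] ${f.id} (${f.cwe}): ${f.evidence}`);
}
```

The dedupe set matters in practice: a JWT assigned to a variable named `token` matches both the JWT pattern and the generic assignment pattern, and a report that lists it twice inflates the finding count without adding information.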
What Makes It Useful
- It is agent-neutral. The same repo can guide Codex, Claude Code, Gemini CLI, OpenCode, Hermes, OpenClaw, and other tools.
- It gives agents a real command to run instead of relying on vague prompt memory.
- It records skipped checks instead of pretending coverage happened.
- It encourages validation instead of treating every scanner result as a confirmed bug.
- It produces reports with impact, evidence, remediation, OWASP/CWE mapping, and safe validation steps.
- It can be used on local projects, localhost apps, staging sites, and authorized public targets.
- It supports JSON output so agents can parse results and build follow-up workflows.
No honest security tool can promise to find every vulnerability. This plugin is designed to find strong signals, preserve evidence, and make the remaining gaps visible.
Quick Start
Fastest path from npm:
npm install -g ai-security-audit-pro
security-audit-pro --target . --out security-audit-report.md --html-out security-audit-report.html
Source checkout path:
git clone https://github.com/xsourabhsharma/ai-security-audit-pro.git
cd ai-security-audit-pro
npm test
Run the local engine from source:
node scripts/security-audit.mjs --target . --out security-audit-report.md --html-out security-audit-report.html
OpenClaw path through ClawHub:
openclaw plugins install clawhub:ai-security-audit-pro
Requirements:
- Node.js 18 or newer.
- Optional: Python plus ReportLab for PDF output.
- Optional scanner tools on PATH for deeper coverage.
Common Audit Commands
Local project:
node scripts/security-audit.mjs --target . --out security-audit-report.md --html-out security-audit-report.html
Authorized website:
node scripts/security-audit.mjs --target https://staging.example.com --mode standard --authorized --out report.md --html-out report.html
Deep authorized active scan:
node scripts/security-audit.mjs --target https://staging.example.com --mode active --profile deep --authorized --scope-file templates/authenticated-audit-scope.md --out report.md --html-out report.html --pdf-out report.pdf
JSON for agent workflows:
node scripts/security-audit.mjs --target . --json --out report.json
Modes
| Mode | Best for | Notes |
|---|---|---|
| passive | Local projects and low-risk URL posture checks. | Does not perform active probing. |
| standard | Authorized websites where shallow exposure checks are allowed. | Requires --authorized. |
| active | Authorized security reviews where scanner orchestration is allowed. | Requires --authorized. |
Active profiles:
- safe: lower request volume.
- balanced: default profile.
- deep: broader non-destructive coverage for explicitly authorized targets.
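The mode and profile rules above are the kind of thing a wrapper should enforce before a single request is sent, so that an agent cannot drift from a passive local review into probing a host nobody authorized. The following is an added example of that gate, not the plugin's own argument parser. The flag names mirror the documented ones; the rules that standard and active modes need an http(s) URL target, that `--profile` is rejected outside active mode, and that the deep profile must name a `--scope-file` are this example's assumptions, added on top of what the table states.

```javascript
// Added example, not the plugin's own CLI code: validate run options against
// the documented mode table. Extra rules (URL target for standard/active,
// profile only in active mode, scope file for deep) are assumptions here.
const MODES = {
  passive: { requiresAuthorization: false },
  standard: { requiresAuthorization: true },
  active: { requiresAuthorization: true },
};
const PROFILES = new Set(['safe', 'balanced', 'deep']);

// A target is either an http(s) URL or a local path; anything else is treated as local.
function classifyTarget(target) {
  try {
    const u = new URL(target);
    if (u.protocol === 'http:' || u.protocol === 'https:') return { kind: 'url', host: u.hostname };
  } catch {
    // not a URL
  }
  return { kind: 'local', path: target };
}

function validateRunOptions(opts) {
  const { target, mode = 'passive', profile, authorized = false, scopeFile } = opts;
  const errors = [];
  if (!target) errors.push('--target is required');
  if (!(mode in MODES)) errors.push(`unknown --mode '${mode}' (passive, standard, active)`);

  const t = classifyTarget(target ?? '');
  const modeRules = MODES[mode];
  if (modeRules?.requiresAuthorization) {
    if (!authorized) errors.push(`--mode ${mode} sends requests to the target and requires --authorized`);
    if (t.kind !== 'url') errors.push(`--mode ${mode} needs an http(s) URL target, got a local path`);
  }
  if (profile !== undefined) {
    if (!PROFILES.has(profile)) errors.push(`unknown --profile '${profile}' (safe, balanced, deep)`);
    else if (mode !== 'active') errors.push('--profile only applies to --mode active');
    if (profile === 'deep' && !scopeFile) errors.push('--profile deep requires a --scope-file recording the authorized scope');
  }

  return {
    ok: errors.length === 0,
    errors,
    target: t,
    effective: {
      mode,
      profile: mode === 'active' ? profile ?? 'balanced' : null,
      authorized,
    },
  };
}

// Demo runs mirroring the documented commands (hostnames are placeholders).
for (const opts of [
  { target: '.' },
  { target: 'https://staging.example.com', mode: 'standard' },
  { target: 'https://staging.example.com', mode: 'active', profile: 'deep', authorized: true, scopeFile: 'templates/authenticated-audit-scope.md' },
]) {
  const v = validateRunOptions(opts);
  console.log(v.ok ? `OK ${JSON.stringify(v.effective)}` : `REJECT ${v.errors.join('; ')}`);
}
```

The second demo run is the documented "Authorized website" command with `--authorized` left off; the gate rejects it before any network activity, which is the behaviour the table's "Requires --authorized" column describes.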
What A Report Looks Like
The output is meant to read like a real security handoff, not a raw tool dump.
Bug Analysis Report
Assessment Conclusion
Finding Overview
Key Risk Summary
Confirmed Vulnerabilities / Risks
Scope And Authorization
Auth And Business Logic Scope
Critical Severity Findings
High Severity Findings
Medium Severity Findings
Low Severity Findings
Info Severity Findings
Reviewed Surfaces
Coverage Matrix
Tool Execution
Skipped Checks And Residual Risk
Each finding can include:
- Status: Confirmed / Likely / Needs validation
- Severity: Critical / High / Medium / Low / Info
- Affected surface: file, URL, endpoint, header, route, or workflow
- Evidence: redacted and reviewable
- Risk: why this matters
- Impact: what an attacker could gain
- Mapping: OWASP / CWE where practical
- Remediation: how to fix it
- Safe validation: non-destructive reproduction or confirmation step
Optional Scanner Tooling
The plugin works without bundled scanner binaries. Install tools separately and keep them on PATH, or set SECURITY_AUDIT_TOOLS_DIR.
Supported optional tools:
- Semgrep
- OSV-Scanner
- Gitleaks
- TruffleHog
- npm, pnpm, yarn audit
- pip-audit
- Bandit
- govulncheck
- cargo-audit
- composer audit
- ProjectDiscovery httpx
- katana
- ffuf
- Nuclei
- SSLyze
- OWASP ZAP
- Docker for ZAP Docker baseline
When a tool is missing, the report says so clearly.
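Resolving optional tools and writing down the ones that were not run is what separates a report with a coverage matrix from one that silently implies coverage. The following is an added example of that resolution step, not the plugin's own implementation: the search order (SECURITY_AUDIT_TOOLS_DIR first, then each PATH entry), the tool list, the rule that active-only tools are recorded as skipped in passive and standard runs, and the shape of the returned record are all assumptions of this example. The executable lookup is injected so the demo runs against a constructed fake filesystem; the comment shows what a real caller would pass.

```javascript
// Added example, not the plugin's own code: decide which optional scanners a
// run can use and record every one it cannot as a skipped check.
// Search order, tool list and output shape are assumptions of this example.
const OPTIONAL_TOOLS = {
  semgrep: 'static analysis rules',
  'osv-scanner': 'dependency vulnerability lookup',
  gitleaks: 'git history secret scan',
  sslyze: 'TLS configuration review',
  httpx: 'HTTP probing',
  nuclei: 'template-based active scan',
};
// Tools that send probes to the target are only eligible in active mode.
const ACTIVE_ONLY = new Set(['httpx', 'nuclei']);

// POSIX PATH separator assumed; Windows uses ';'.
function splitPath(pathVar) {
  return (pathVar || '').split(':').filter(Boolean);
}

function resolveTools(env, isExecutable, { mode = 'passive' } = {}) {
  const dirs = [];
  if (env.SECURITY_AUDIT_TOOLS_DIR) dirs.push(env.SECURITY_AUDIT_TOOLS_DIR); // explicit dir wins
  dirs.push(...splitPath(env.PATH));

  const available = {};
  const skipped = [];
  for (const [name, purpose] of Object.entries(OPTIONAL_TOOLS)) {
    if (ACTIVE_ONLY.has(name) && mode !== 'active') {
      skipped.push({ tool: name, purpose, reason: `not run in ${mode} mode` });
      continue;
    }
    const candidate = dirs.map(d => `${d.replace(/\/+$/, '')}/${name}`).find(isExecutable);
    if (candidate) available[name] = candidate;
    else skipped.push({ tool: name, purpose, reason: 'not found in SECURITY_AUDIT_TOOLS_DIR or PATH' });
  }
  return { available, skipped };
}

// Render the two report sections that make coverage gaps visible.
function coverageSection({ available, skipped }) {
  const lines = ['Tool Execution', ''];
  for (const [name, p] of Object.entries(available)) lines.push(`- ${name}: ${p}`);
  if (Object.keys(available).length === 0) lines.push('- no optional tools ran');
  lines.push('', 'Skipped Checks And Residual Risk', '');
  for (const s of skipped) lines.push(`- ${s.tool} (${s.purpose}): skipped, ${s.reason}`);
  return lines.join('\n');
}

// Constructed fake filesystem for the demo. A real caller would pass:
//   p => { try { fs.accessSync(p, fs.constants.X_OK); return true; } catch { return false; } }
const FAKE_EXECUTABLES = new Set([
  '/opt/audit-tools/semgrep',
  '/usr/local/bin/semgrep',   // shadowed by the SECURITY_AUDIT_TOOLS_DIR copy
  '/usr/local/bin/gitleaks',
  '/usr/local/bin/nuclei',
]);
const demoEnv = { SECURITY_AUDIT_TOOLS_DIR: '/opt/audit-tools', PATH: '/usr/local/bin:/usr/bin' };
const isFakeExecutable = p => FAKE_EXECUTABLES.has(p);

console.log(coverageSection(resolveTools(demoEnv, isFakeExecutable, { mode: 'passive' })));
```

In the demo, nuclei is installed but the passive run still lists it under skipped checks with the reason "not run in passive mode"; switching to `mode: 'active'` moves it to Tool Execution. Recording the reason alongside the tool name is what lets a reviewer tell "was not installed" from "was not authorized to run".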
Repository Layout
ai-security-audit-pro/
.codex-plugin/plugin.json
.claude-plugin/plugin.json
agent-adapters/
assets/
docs/
examples/
scripts/security-audit.mjs
skills/security-audit/SKILL.md
templates/authenticated-audit-scope.md
AGENTS.md
CLAUDE.md
GEMINI.md
Responsible Use
Use this plugin only on systems you own or are explicitly authorized to test.
Do not use it for credential attacks, denial of service, persistence, stealth, malware, data dumping, or testing outside approved scope.
A clean report means "no issues found by these checks." It does not prove the target has no vulnerabilities. Review coverage, skipped checks, and manual validation notes.
Development
npm test
node scripts/security-audit.mjs --help
node scripts/security-audit.mjs --target . --mode passive --no-tools --json --out self-audit.json
License
MIT. See LICENSE.
