Firm Security Audit
ReviewAudited by ClawScan on May 10, 2026.
Overview
This looks like a real security-audit skill, but it may automatically share audit results to Slack and urge immediate deployment changes without enough confirmation or redaction.
Before installing, verify the external MCP extension and Slack tool, use a least-privilege Slack app, require manual approval before sending audit results or applying fixes, and run remediation only after reviewing diffs and backups.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Sensitive vulnerability details or configuration-derived information could be posted to a Slack channel automatically.
The skill checks local environment/config files and then instructs the agent to automatically send the audit results to Slack, with no redaction, recipient validation, or confirmation step described.
"env_file_path": "/path/to/.env" ... "tool": "firm_export_slack_digest" ... "content": "<résultats de l'audit>", "channel": "#security-alerts"
Require explicit user approval before sending any report, redact secrets and file contents, limit the Slack channel and bot scope, and send only the minimum necessary summary by default.
An agent following the skill too literally could change gateway exposure, configuration files, or running containers in a way that disrupts service.
The remediation guidance encourages immediate network/deployment changes based on audit outputs, but does not define an explicit approval, backup, dry-run, or rollback process.
Si CRITICAL (funnel actif sans rate limiter) : appliquer `fix_nginx` ou `fix_caddy` **immédiatement** ... Désactiver Funnel et appliquer Nginx/Caddy immédiatement ... Appliquer fix + redémarrer le container
Make remediation a separate, user-confirmed step; require a diff, backup, target path confirmation, and rollback instructions before changing deployment files or service state.
The agent may post messages using a Slack bot or user identity, potentially to a team-visible channel.
Posting security alerts to Slack is purpose-aligned, but it implies delegated Slack workspace authority that users should verify before enabling.
firm_export_slack_digest — notification équipe si CRITICAL trouvé
Use a dedicated low-privilege Slack app, restrict it to the intended channel, and document the credential/source of that authority.
The safety of the skill depends on tools that are not included in the reviewed artifact.
The skill depends on an external MCP extension and tool implementations, but the supplied package has no install spec or code to review.
requires:
- mcp-openclaw-extensions >= 2.0.0Install the extension only from a trusted source, pin an exact reviewed version, and review the MCP tool behavior before granting it deployment or Slack access.