ClawHub

Security Auditor Tk

v1.0.0

Run security audits on Linux servers, web applications, and cloud infrastructure. Checks SSH hardening, firewall rules, open ports, SSL/TLS config, file perm...

0· 49·0 current·0 all-time
by@tktk-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description, SKILL.md, README, and reference docs all describe the same set of audits (SSH, firewall, file perms, TLS, web headers, updates, etc.). There are no declared env vars, required binaries, or config paths that are unrelated to running those checks. The cloud-review section expects provider and connection details from the user, which is consistent with auditing cloud resources.
Instruction Scope
The instructions explicitly direct scanning of system state and producing exact remediation commands (e.g., find /, sed edits to /etc/ssh/sshd_config, mount remount, systemctl operations). This is coherent for an auditor but means the agent will examine many system files and produce commands that, if executed, change system configuration. The SKILL.md does not instruct exfiltration or posting data to external endpoints, but it does rely on the user providing access details for cloud reviews.
Install Mechanism
This is an instruction-only skill with no install spec and no code files executed at install time — lowest risk from installation perspective.
Credentials
The skill declares no required environment variables or credentials. The cloud review instructions implicitly require cloud credentials or a connection method (user-provided), which is expected for that feature but not declared as required env vars. There are no unrelated credential requests in the package.
Persistence & Privilege
always is false and the skill does not request persistent system modifications or alter other skills. Model invocation is allowed (normal). Note: autonomous invocation plus the ability to produce and run system-altering commands means you should limit execution privileges (do not run as root) unless you explicitly trust the audit results.
Assessment
This skill appears coherent and is a typical instruction-only security auditor, but be careful before allowing any suggested commands to execute: 1) Review all recommended fix commands before running them — many are destructive or change authentication (sed edits, systemctl, mount remount). 2) Run audits in a safe environment or snapshot/back up configs first. 3) For cloud reviews, provide credentials only through secure channels and scope them (read-only where possible). 4) Prefer running the audit as a non-root user or in a test/staging instance; escalate privileges manually only after verifying the recommendations. 5) If you plan to let the agent invoke commands autonomously, restrict its execution rights and monitor actions closely.

Like a lobster shell, security has layers — review code before you run it.

latestvk975tgjc6t2c978r5pgjwxcr8n84hv3f

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments