EdgeIQ XSS Scanner

This skill appears to be a straightforward, pure-Python XSS scanner, but review the following before installing or running: - Hardcoded path: discord_xss_command.py expects scanner.py at /home/guy/.openclaw/workspace/apps/xss-scanner/scanner.py. Update the path or place files accordingly to avoid surprises. - Documentation mismatches: SKILL.md examples mention 'full port coverage' and default workers=5, whereas the wrapper help mentions workers=15 and the code contains no port-scanning. Treat these as sloppy documentation and verify functionality matches your expectations before use. - TLS behavior: scanner.py disables certificate verification (CERT_NONE). If you need strict TLS checks, modify build_ssl_context. - Network impact & legality: the tool issues HTTP requests to targets you provide (and can follow external links if enabled). Only scan systems you own or have explicit permission to test. Consider running scans from an isolated environment or lab to avoid collateral impact. - Output and disclosure: results are returned to the caller (and the discord wrapper returns stdout/stderr). Confirm where results will be sent/posted (Discord channel, logs) to avoid leaking sensitive findings. If you plan to use this skill: (1) correct the hardcoded path or inspect the wrapper to ensure it calls the intended scanner, (2) run the scanner locally against a known test target first, (3) consider a quick audit of the rest of scanner.py (the provided code is readable) to confirm no hidden telemetry or external reporting, and (4) only run against authorized targets.