Security Audit Enhanced

Pass

Audited by ClawScan on May 10, 2026.

Overview

This appears to be a purpose-aligned local security auditing skill, but it inspects sensitive agent configuration locations and includes user-directed permission changes/report generation that should be used carefully.

This skill looks reasonable for local AI-agent security auditing. Before installing or running it, confirm the script path is the reviewed copy, run read-only audit/report commands first, avoid sharing reports that contain local security details, and use any permission-fixing option only on a narrow, intended path.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill may report on sensitive local agent configuration, credential file names, and permission settings.

Why it was flagged

The audit script deliberately inspects local agent configuration and credential-related directories. That is expected for the stated security-audit purpose, but these locations can reveal sensitive account or agent setup details.

Skill content

CONFIG_PATHS = [Path.home() / ".clawdbot" / "clawdbot.json", ...]
CREDENTIALS_PATHS = [Path.home() / ".clawdbot" / "credentials", Path.home() / ".clawdbot" / "agents"]

Recommendation

Run it only in environments where you are comfortable exposing configuration paths and security findings to the agent/session, and review generated reports before sharing them.

What this means

If invoked with a broad or incorrect path, it could change permissions on more files than intended.

Why it was flagged

The helper can recursively change permissions for a user-supplied path when --fix is used. This is purpose-aligned for remediation, but it is a local mutation capability.

Skill content

parser.add_argument("--fix", action="store_true", help="Fix permissions automatically") ... os.chmod(item_path, expected)

Recommendation

Run the audit/check mode first, confirm the target path is narrow and correct, and only then use --fix if you want those permission changes.

What this means

Opening a generated HTML report from untrusted input could expose the user to browser-side script execution.

Why it was flagged

The HTML report generator inserts finding and recommendation text into HTML without visible escaping. If the input JSON or audited values were untrusted or tampered with, active HTML/script content could be rendered when the report is opened.

Skill content

<p class="finding-text">{finding.get("finding", "")}</p>
<strong>Fix:</strong> {finding.get("recommendation", "")}

Recommendation

Generate reports only from trusted audit output, and escape HTML fields before rendering if this tool will process shared or untrusted JSON reports.

What this means

Users may need to verify where the scripts are installed and ensure they are running the reviewed files.

Why it was flagged

The artifacts include runnable scripts, while the skill has no explicit install specification and the documentation references running scripts from ~/.security-audit. This is a packaging clarity/provenance note, not evidence of malicious behavior.

Skill content

No install spec — this is an instruction-only skill.

Recommendation

Install from the registry or a trusted checkout, and verify the script path before running commands from the documentation.