Trusted — Risk Score 5/100
Last scan: 1 day ago
security-audit
Comprehensive security auditing for Clawdbot deployments. Scans for exposed credentials, open ports, weak configs, and vulnerabilities. Auto-fix mode included.
This is a legitimate security auditing tool for Clawdbot deployments that performs documented credential scanning, port checks, configuration validation, and file permission audits. All capabilities are declared and the code does not exhibit malicious behavior.
Skill Name: security-audit
Duration: 33.6s
Engine: pi
Safe to install
This skill is safe to use. Because it reads config files and environment variables that may hold plaintext secrets, and its --fix mode writes to the filesystem (chmod 600, .gitignore creation), run it under a least-privileged account in an isolated environment and review the changes --fix makes, as you would for any security audit tool.
Resource    | Declared | Inferred | Status    | Evidence
Filesystem  | READ     | READ     | ✓ Aligned | SKILL.md declares file scanning; code uses fs.readFileSync to read config files
Filesystem  | WRITE    | WRITE    | ✓ Aligned | SKILL.md declares --fix mode; code uses fs.chmodSync and fs.writeFileSync for .g…
Shell       | READ     | READ     | ✓ Aligned | SKILL.md declares 'native system tools'; code uses execSync for ss/netstat/git l…
Environment | READ     | READ     | ✓ Aligned | SKILL.md declares credential scanning; code scans for API keys/tokens in environ…

File Tree

3 files · 17.8 KB · 608 lines
JavaScript: 1 file, 505 lines · Markdown: 1 file, 102 lines · JSON: 1 file, 1 line
├─ 📁 scripts
│ └─ 📜 audit.cjs JavaScript 505L · 15.2 KB
├─ 📋 _meta.json JSON 1L · 134 B
└─ 📝 SKILL.md Markdown 102L · 2.4 KB

Security Positives

✓ All capabilities declared in SKILL.md - credential scanning, port checks, config validation, permission audits, auto-fix
✓ No exfiltration of credentials - the skill only DETECTS credentials, does not transmit them
✓ Auto-fix only modifies file permissions (chmod 600) and creates .gitignore - legitimate security hardening
✓ No hardcoded external IPs or suspicious network connections
✓ No obfuscation techniques (base64, eval, atob) detected
✓ Detected credentials are used only to generate audit findings, not collected for later use
✓ Regex patterns for API keys, tokens and passwords follow common secret-scanning practice
✓ Uses standard Unix tools (ss, netstat, git) as documented