Overview
- Skill Key: 1999azzar/security-guardian
- Author: 1999azzar
- Source Repo: openclaw/skills
- Version: -
- Source Path: skills/1999azzar/security-guardian
- Latest Commit SHA: d39304925e719dbadeb07e34381c38c7543cbc78
Automated security auditing for OpenClaw projects. Scans for hardcoded secrets (API keys, tokens) and container vulnerabilities (CVEs) using Trivy. Provides structured reports to help maintain a clean and secure codebase.
- Stars: 0
- Installs: 0
- Status: ACTIVE
- Visibility: PUBLIC
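Copy the prompt below and send it to your AI assistant to complete the installation.
First check whether the SkillHub store is installed. If it is not, install the SkillHub store by following https://skillhub-1388575217.cos.ap-guangzhou.myqcloud.com/install/skillhub.md, then install the security-guardian skill. If it is already installed, install the security-guardian skill directly.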
# Security Guardian
System for automated security auditing and credential protection.
## Core Workflows
### 1. Secret Scanning
Scan specific project directories for hardcoded credentials.
- **Tool**: `scripts/scan_secrets.py`
- **Usage**: `python3 $WORKSPACE/skills/security-guardian/scripts/scan_secrets.py <path_to_project>`
- **Workflow**:
  1. Execute scan on a specific project or directory.
  2. If findings are reported (exit code 1):
     - Review the file and line number.
     - **Transition**: Move the secret to a secure vault (e.g., using the `mema-vault` skill).
     - **Redact**: Replace the plaintext secret in the source code with an environment variable or a vault lookup call.
### 2. Container Vulnerability Scan
Analyze Docker images for vulnerabilities prior to deployment.
- **Tool**: `scripts/scan_container.sh`
- **Usage**: `bash $WORKSPACE/skills/security-guardian/scripts/scan_container.sh <image_name>`
- **Logic**: Identify `HIGH` and `CRITICAL` severities. Recommend base image updates or security patches.
## Security Guardrails
- **Scope Limitation**: Avoid scanning system-level directories. Focus only on relevant project workspaces.
- **Credential Isolation**: Hardcoded secrets are considered a high-severity finding.
- **Dependencies**: Container scanning requires `trivy` to be installed on the host system.
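A minimal scanner that follows the contract described under Secret Scanning and the Scope Limitation guardrail: it reports file and line, exits with code 1 on findings, and refuses system-level paths. This is an added example, not the skill's `scripts/scan_secrets.py`; the rule set, the deny-list and the names `check_scope`, `scan` and `demo` are assumptions.

```python
import re
import sys
import tempfile
from pathlib import Path

# Assumed rules for illustration; the skill's own rule set is not shown on the page.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "assigned_secret": re.compile(r"(?i)(api[_-]?key|secret|token|password)\s*[:=]\s*['\"][^'\"]{12,}['\"]"),
}
# Assumed deny-list implementing the Scope Limitation guardrail.
SYSTEM_DIRS = [Path(p) for p in ("/etc", "/usr", "/bin", "/sbin", "/lib", "/boot", "/proc", "/sys", "/dev")]
SKIP_DIRS = {".git", "node_modules", "__pycache__", ".venv"}

def check_scope(root):
    """Resolve root and refuse the filesystem root or anything in a system directory."""
    root = Path(root).resolve()
    if root == Path(root.anchor) or any(d == root or d in root.parents for d in SYSTEM_DIRS):
        raise ValueError(f"refusing to scan system-level path: {root}")
    return root

def scan(root):
    """Return (relative_path, line_number, rule) per match; the secret value is never returned."""
    root, findings = check_scope(root), []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root)
        if SKIP_DIRS & set(rel.parts):
            continue
        try:
            lines = path.read_text(encoding="utf-8").splitlines()
        except (UnicodeDecodeError, OSError):
            continue  # binary or unreadable file
        for lineno, line in enumerate(lines, 1):
            findings += [(rel.as_posix(), lineno, rule)
                         for rule, rx in PATTERNS.items() if rx.search(line)]
    return findings

def demo():
    """Scan a constructed project: one hardcoded key, one already-redacted lookup."""
    with tempfile.TemporaryDirectory() as tmp:
        Path(tmp, "settings.py").write_text(
            'import os\nAPI_KEY = "constructed-example-value"\n'
            'DB_PASSWORD = os.environ["DB_PASSWORD"]\n', encoding="utf-8")
        return scan(tmp)

if __name__ == "__main__":
    found = scan(sys.argv[1]) if len(sys.argv) == 2 else demo()
    print("\n".join(f"{rel}:{lineno}: {rule}" for rel, lineno, rule in found))
    sys.exit(1 if found and len(sys.argv) == 2 else 0)  # exit code 1 signals findings
```

The redacted line in the constructed file (`os.environ[...]`) produces no finding, which is the state the Redact step is meant to reach.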
## Integration
- **Vaulting**: This skill identifies leaks. Remediation should be performed using a dedicated credential manager like `mema-vault`.