Security Sentinel

v1.0.1

Description


name: security-sentinel
description: Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.

Security Sentinel

A unified security scanner for OpenClaw workspaces. Detects vulnerabilities in dependencies (npm audit), exposed secrets (regex patterns), and unsafe file permissions.

Usage

CLI

Run a full security scan:

node skills/security-sentinel/index.js

This will output a JSON report to stdout. If risks are detected (high/critical vulnerabilities, secrets, or bad permissions), it exits with code 1.

Options

  • --skip-audit: Skip the npm audit step (faster)
  • --no-fail: Do not exit with code 1 even if risks are detected (useful for monitoring only)

Programmatic

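const sentinel = require('./skills/security-sentinel');

// require() means CommonJS, which has no top-level await, so wrap the call in an async function.
(async () => {
  const report = await sentinel.scan();

  if (report.status === 'risk_detected') {
    console.error('Security issues found:', report);
  }
})();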

Features

  1. Dependency Audit: Runs npm audit to check package.json dependencies for known CVEs.
  2. Secret Detection: Scans workspace files for patterns resembling API keys, passwords, and private keys.
  3. Permission Check: Verifies critical files (package.json, .env) are not world-writable.

Configuration

  • Ignored Paths: node_modules, .git, logs, temp, .openclaw/cache.
  • Secret Patterns: Generic API Key, Password, Private Key, Feishu App Secret.
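
The secret-detection and permission checks listed above can be sketched as follows. This is an added example, not the skill's own code: the regexes, function names and the constructed sample workspace are assumptions; only the ignored paths and the two critical file names come from this page.

```javascript
// Added illustration, not the Security Sentinel source; regexes and function names are assumptions.
const fs = require('fs'), os = require('os'), path = require('path');

const IGNORED = ['node_modules', '.git', 'logs', 'temp', '.openclaw/cache']; // page's Ignored Paths
const CRITICAL = ['package.json', '.env']; // page's Permission Check targets, at the workspace root
const PATTERNS = { // hypothetical regexes for three of the listed pattern names
  'Generic API Key': /\bapi[_-]?key\b\s*[:=]\s*['"]?[A-Za-z0-9_-]{16,}/i,
  'Password': /\bpassword\b\s*[:=]\s*['"]?[^\s'"]{6,}/i,
  'Private Key': /-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----/,
};

// Names of every pattern that matches one line of text.
const matchSecrets = (line) => Object.keys(PATTERNS).filter((n) => PATTERNS[n].test(line));
// True when the "other" write bit is set, so any local account can modify the file.
const isWorldWritable = (mode) => (mode & 0o002) !== 0;
// An ignored path matches as whole path segments at any depth.
const isIgnored = (rel) => IGNORED.some((p) => `/${rel}/`.includes(`/${p}/`));

function scanWorkspace(root) {
  const findings = { secrets: [], permissions: [] };
  const walk = (dir) => {
    for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
      const full = path.join(dir, entry.name);
      const rel = path.relative(root, full).split(path.sep).join('/');
      if (isIgnored(rel)) continue;
      if (entry.isDirectory()) { walk(full); continue; }
      if (!entry.isFile()) continue; // do not follow symlinks or read devices
      const mode = fs.statSync(full).mode;
      if (CRITICAL.includes(rel) && isWorldWritable(mode)) findings.permissions.push({ file: rel, mode: (mode & 0o777).toString(8) });
      fs.readFileSync(full, 'utf8').split('\n').forEach((line, i) => {
        // Record pattern name and location only, never the matched value.
        for (const type of matchSecrets(line)) findings.secrets.push({ file: rel, line: i + 1, type });
      });
    }
  };
  walk(root);
  return findings;
}

// Constructed sample workspace: a world-writable .env holding a fake key, plus an ignored directory.
function demo() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), 'sentinel-demo-'));
  fs.writeFileSync(path.join(root, '.env'), 'API_KEY=EXAMPLEexample0123456789\n');
  fs.chmodSync(path.join(root, '.env'), 0o666);
  fs.writeFileSync(path.join(root, 'package.json'), '{"name":"demo"}\n', { mode: 0o644 });
  fs.mkdirSync(path.join(root, 'node_modules'));
  fs.writeFileSync(path.join(root, 'node_modules', 'x.js'), 'password = "ignored-value"\n');
  return scanWorkspace(root);
}
```

Findings carry only the pattern name, file and line number, so the report itself does not become a second copy of the secret.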

Pricing

Free
